Be Alert Server Admins! JBOSS Backdoor ahead!

According to a report published by Security Researchers of CISCO, more than 3 million servers are vulnerable to a major JBOSS Backdoor. Security Researchers said that the main reason behind this is the use of outdated and vulnerable softwares on the servers. A special test strategy was made by researchers to find out those servers which are allowing hackers for Samsam Ransomware attacks. Hackers are using JBOSS named Backdoor to make changes into the program files of servers for encryption attacks.

What hackers could do?

By exploiting these major vulnerabilities, hackers could do Ransomware attacks. Samsam ransomware is the most compatible ransomware with JBOSS backdoor. Security Researchers of CISCO were already familiar with this Backdoor and Ransomware, so they took a few seconds to understand the risk of these vulnerabilities. During their research, the first vulnerability which they had found was related to JBOSS backdoor. After that they went deeper for more good results and at the end they found 3 million infected servers.

How Researchers came to know about it?

Researchers were investigating some systems which were infected with this JBOSS backdoor. Initially, the test had been performed by researchers on more than two thousand infected systems. All these servers were handling websites of schools, Government Organisations and many companies. Security Researchers found some shells, which were uploaded by the hackers on the web servers. All the infected servers were using some softwares which were outdated. Follett “Destiny” is the most infected software.

Some Security Tips for Server Admins

Disable external access to the server. This will protect you from Remote Hacks.

Install Security Updates for all the softwares , which you are using.

Make a backup file of the whole server and upload it on a new non vulnerable server.

Conclusion

This vulnerability has been fixed by the companies, by releasing security updates for their softwares. If you are also using Follett Destiny, update it immediately. This is the software which is mostly used by the schools and universities for maintaining "Library Management System."