Categories: HackingMalware

Hacked MIT Server Used to Stage Attacks, Scan for Vulnerabilities

Bitdefender reseachers have discovered a number of brute force attacks against several web site. The attacks have been done using a server at the Massachusetts Institute of Technology (MIT).

The hacking attack against the MIT.edu infrastructure started with a malicious script on one MIT server. One MIT server (CSH-2.MIT.EDU) hosts a malicious script actively used by cyber-crooks to scan the web for vulnerable websites

The crawler searches the MIT infrastructure looking for vulnerable versions of PHPMyAdmin and will try to gain admin rights in order to inject a SQL query into the database. Successfully attacked web sites will have a folder called “muieblackcat” on them.

The MIT infrastructure has been used because it is highly likely to by pass firewalls from this source, they obviously accept traffic from MIT.edu as legit.

http://www.theinquirer.net/inquirer/news/2122546/hacked-mit-server-blamed-brute-force-web-site-attacks

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.