Posts Tagged ‘Java-backdoor’

Trend MicroAntivirus company Trend Micro today announced the discovery of a new class of malicious software backdoor aimed at infection HTTP-server implemented to work with Java.

Code allows attackers to execute malicious commands directed to the system in which the server is running. Threat, known as BKDR_JAVAWAR.JG, implemented as JSP (Java Server Page), that allows you to initially run malicious code on the Java-server and directly access the Java-servlet containers such as Apache Tomcat.

After the attacking code is started, a potential attacker can remotely access the server, view the files on it, edit, download or delete a common Web-based console. Something similar earlier appeared to PHP, but PHP-backdoors could not work with anything other than PHP interpreter.

“Besides the fact that the attacker can gain access to sensitive information, it can also infect the server by other malicious code and gain unauthorized access to other data,” – said in Trend Micro. (more…)