
FreakOut Botnet Freaking Out Linux Administrators
A highly-sophisticated botnet known as FreakOut is targeting applications running on Linux operating systems — immediate patching is required.
FreakOut Botnet Exploiting Linux Vulnerabilities
A highly-sophisticated botnet known as FreakOut is targeting applications running on Linux operating systems which require immediate patching. Initial reports indicate this is primarily impacting Linux systems which have not been patched.
During a Weaponized attack, the botnet talks back to a remote system from where the Linux device becomes a slave, and the attacker has full access to the victim to deliver ransomware or perform data theft.
Syxscore Risk Alert
The following vulnerabilities have been identified as important vulnerabilities to remediate in order to reduce the risk of the botnet becoming weaponized; we recommend to deploy at least one or preferably all three if they are detected on any of your systems.
1. CVE-2020-28188 – RCE in TerraMaster management panel (disclosed on December 24, 2020)
CVSS Score: Critical 9.8
Attack Vector: Network
Vector Complexity: Low
Privileges Required: None
User Interaction: None
Jump Point (Scope): No
2. CVE-2021-3007 – Deserialization bug in the Zend Framework (disclosed on January 3, 2021)
CVSS Score: Critical 9.8
Attack Vector: Network
Vector Complexity: Low
Privileges Required: None
User Interaction: None
Jump Point (Scope): No
3. CVE-2020-7961 – Deserialization bug in the Liferay Portal (disclosed on March 20, 2020)
CVSS Score: Critical 9.8
Attack Vector: Network
Vector Complexity: Low
Privileges Required: None
User Interaction: None
Jump Point (Scope): No
Experience the Power of Syxsense
Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.