DreamBus malware exploits RocketMQ flaw to infect servers

[correlate]

Level 18
Thread author
Verified
Top Poster
Well-known
May 4, 2019
825
A new version of the DreamBus botnet malware exploits a critical-severity remote code execution vulnerability in RocketMQ servers to infect devices.
The exploited flaw, tracked as CVE-2023-33246, is a permission verification issue that impacts RocketMQ version 5.1.0 and older, allowing attackers to perform remote command execution under certain conditions.
The recent DreamBus attacks leveraging that flaw were spotted by researchers at the Juniper Threat Labs, who reported a spike in the activity in mid-June 2023.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top