A sophisticated multi-staged Apache Struts cyber attack campaign is abusing NSA-linked exploits to target internal networks, researchers from F5 Networks have discovered.
Dubbed Zealot, the highly obfuscated attack uses the EternalBlue and EternalSynergy exploits to target Windows and Linux systems. The newly uncovered campaign employs a PowerShell agent to compromise Windows systems and a Python agent to target Linux/OS X. The scripts appear based on the EmpireProject post-exploitation framework, F5 says.
Leave a reply