03 August 2024Ravi LakshmananDDOS Attack / Server Security

Minecraft DDOS Tool

Cybersecurity researchers have revealed details of a new Distributed Denial of Service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks.

Activity, code name Panamorphic By cloud security firm Aqua, uses a Java-based tool called mining A TCP flood to launch a DDoS attack. Mining is a DDoS package designed for Minecraft game servers.

The attack chains exploit Internet-exposed Jupyter Notebook instances to run widget commands to retrieve a ZIP archive hosted on a file-sharing site called FileBin.

Cyber ​​security

The zip file contains two Java Archive (JAR) files, conn.jar and mineping.jar, which are used to establish a connection to the Discord channel and trigger the mineping.jar package’s execution.

“The aim of this attack is to consume the target server’s resources by sending a large number of TCP connection requests,” Aqua researcher Asaf Morag said. said. “Results are posted on the Discord channel.”

Minecraft DDOS Tool

The attack campaign has been attributed to a threat actor known as Somewhose GitHub account has a public repository containing the Minecraft server properties file.

This is not the first time that an Internet-accessible Jupyter Notebook has been targeted by adversaries. In October 2023, a Tunisian threat was dubbed. Qubitstrike Jupyter Notebooks were seen to be breached in an attempt to illegally mine cryptocurrency and breach cloud environments.

Did you find this article interesting? Follow us. Twitter And LinkedIn To read more exclusive content we post.





Source link