Port 22

Spam Campaign Abuses PHP Functions for Persistence, Uses Compromised Devices for Evasion and Intrusion

We found a spam campaign that uses compromised devices to attack vulnerable web servers. From the devices, attackers use a PHP script to send an email with an embedded link to a scam site to specific email addresses. The use of compromised devices for attacks make attribution difficult, and attackers can have repeated access to the server even after patching.

The post Spam Campaign Abuses PHP Functions for Persistence, Uses Compromised Devices for Evasion and Intrusion appeared first on .