elf.unidentified_001 (Back to overview)

Unidentified Linux 001

According to Cybereason, these scripts have been used in an ongoing campaign exploiting a widespread vulnerability in the Exim MTA: CVE-2019-10149. This attack leverages a week-old vulnerability to gain remote command execution on the target machine, search the Internet for other machines to infect, and initiates a crypto miner.

2019-06-13CybereasonAmit Serper, Mary Zhao
@online{serper:20190613:new:34a6ab0, author = {Amit Serper and Mary Zhao}, title = {{New Pervasive Worm Exploiting Linux Exim Server Vulnerability}}, date = {2019-06-13}, organization = {Cybereason}, url = {}, language = {English}, urldate = {2020-01-09} } New Pervasive Worm Exploiting Linux Exim Server Vulnerability
Unidentified Linux 001

There is no Yara-Signature yet.