A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_URI::$config is deprecated
Filename: core/URI.php
Line Number: 102
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Router::$uri is deprecated
Filename: core/Router.php
Line Number: 128
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$benchmark is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$hooks is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$config is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$log is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$utf8 is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$uri is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$exceptions is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$router is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$output is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$security is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$input is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$lang is deprecated
Filename: core/Controller.php
Line Number: 83
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$db is deprecated
Filename: core/Loader.php
Line Number: 397
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_DB_mysqli_driver::$failover is deprecated
Filename: database/DB_driver.php
Line Number: 372
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$email is deprecated
Filename: core/Loader.php
Line Number: 1284
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: Warning
Message: ini_set(): Session ini settings cannot be changed after headers have already been sent
Filename: Session/Session.php
Line Number: 303
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: Warning
Message: session_set_cookie_params(): Session cookie parameters cannot be changed after headers have already been sent
Filename: Session/Session.php
Line Number: 328
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: Warning
Message: ini_set(): Session ini settings cannot be changed after headers have already been sent
Filename: Session/Session.php
Line Number: 355
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: Warning
Message: ini_set(): Session ini settings cannot be changed after headers have already been sent
Filename: Session/Session.php
Line Number: 365
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: Warning
Message: ini_set(): Session ini settings cannot be changed after headers have already been sent
Filename: Session/Session.php
Line Number: 366
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: Warning
Message: ini_set(): Session ini settings cannot be changed after headers have already been sent
Filename: Session/Session.php
Line Number: 367
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: Warning
Message: ini_set(): Session ini settings cannot be changed after headers have already been sent
Filename: Session/Session.php
Line Number: 368
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: Warning
Message: ini_set(): Session ini settings cannot be changed after headers have already been sent
Filename: Session/Session.php
Line Number: 426
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: Warning
Message: session_set_save_handler(): Session save handler cannot be changed after headers have already been sent
Filename: Session/Session.php
Line Number: 110
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: Warning
Message: session_start(): Session cannot be started after headers have already been sent
Filename: Session/Session.php
Line Number: 137
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$session is deprecated
Filename: core/Loader.php
Line Number: 1284
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$form_validation is deprecated
Filename: core/Loader.php
Line Number: 1284
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$pagination is deprecated
Filename: core/Loader.php
Line Number: 1284
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property Blog::$zip is deprecated
Filename: core/Loader.php
Line Number: 1284
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$load is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$benchmark is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$hooks is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$config is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$log is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$utf8 is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$uri is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$exceptions is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$router is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$output is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$security is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$input is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$lang is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$db is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$email is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$session is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$form_validation is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$pagination is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
A PHP Error was encountered
Severity: 8192
Message: Creation of dynamic property CI_Loader::$zip is deprecated
Filename: core/Loader.php
Line Number: 932
Backtrace:
File: /www/wwwroot/SINHCOMS/VT/main/application/controllers/Blog.php
File: /www/wwwroot/SINHCOMS/VT/main/index.php
Vismrit Tech | Home Startup
Hackers Exploited Atlassian Confluence Bug to Deploy Ljl Backdoor for Espionage
Theresa Underwood
Sep 10, 2021
9 min to read
Hackers "likely" exploited a vulnerability in Atlassian Confluence server to deploy a never-before-seen backdoor for cyberespionage purposes
A threat actor is said to have "highly likely" exploited a security flaw in an outdated Atlassian Confluence server to deploy a never-before-seen backdoor against an unnamed organization in the research and technical services sector.
The attack, which transpired over a seven-day-period during the end of May, has been attributed to a threat activity cluster tracked by cybersecurity firm Deepwatch as TAC-040 .
"The evidence indicates that the threat actor executed malicious commands with a parent process of tomcat9.exe in Atlassian's Confluence directory," the company said . "After the initial compromise, the threat actor ran various commands to enumerate the local system, network, and Active Directory environment."
The Atlassian vulnerability suspected to have been exploited is CVE-2022-26134 , an Object-Graph Navigation Language (OGNL) injection flaw that paves the way for arbitrary code execution on a Confluence Server or Data Center instance.
Following reports of active exploitation in real-world attacks, the issue was addressed by the Australian company on June 4, 2022.
But given the absence of forensic artifacts, Deepwatch theorized the breach could have alternatively entailed the exploitation of the Spring4Shell vulnerability (CVE-2022-22965 ) to gain initial access to the Confluence web application.
Not much is known about TAC-040 other than the fact that the adversarial collective's goals could be espionage-related, although the possibility that the group could have acted out of financial gain hasn't been ruled out, citing the presence of a loader for an XMRig crypto miner on the system.
While there is no evidence that the miner was executed in this incident, the Monero address owned by the threat actors has netted at least 652 XMR ($106,000) by hijacking the computing resources of other systems to illicitly mine cryptocurrency.
The attack chain is also notable for the deployment of a previously undocumented implant called Ljl Backdoor on the compromised server. Roughly 700MB of archived data is estimated to have been exfiltrated before the server was taken offline by the victim, according to an analysis of the network logs.
The malware, for its part, is a fully-featured trojan virus designed to gather files and user accounts, load arbitrary .NET payloads, and amass system information as well as the victim's geographic location.
"The victim denied the threat actor the ability to laterally move within the environment by taking the server offline, potentially preventing the exfiltration of additional sensitive data and restricting the threat actor(s) ability to conduct further malicious activities."
Related Post
Demand generation is a constant struggle for any business. Each marketing strategy you employ has...
Learn more
Organic search has the potential to capture more than 40 percent of your gross revenue...
Learn more
Demand generation is a constant struggle for any business. Each marketing strategy you employ has...
Learn more
Sophie Asveld
February 14, 2021
Email is a crucial channel in any marketing mix, and never has this been truer than for today’s entrepreneur. Curious what to say.
Ariana Gerad
February 14, 2021
Email is a crucial channel in any marketing mix, and never has this been truer than for today’s entrepreneur. Curious what to say.
Sophie Asveld
February 14, 2021
Email is a crucial channel in any marketing mix, and never has this been truer than for today’s entrepreneur. Curious what to say.