‘FreakOut’ Botnet Targets Unpatched Linux Systems

DDoS Protection
Fraud Management & Cybercrime

Researchers Says Malicious Network Could Be Used to Launch DDoS Attacks

'FreakOut' Botnet Targets Unpatched Linux Systems
How the ‘FreakOut’ botnet infects Linux systems (Source: Check Point Research)

Researchers at Check Point Research are tracking a new botnet dubbed “FreakOut” that’s targeting vulnerabilities in Linux systems.

The goal behind the botnet’s attacks, researchers say, is to create an IRC botnet – a collection of machines infected with malware that can be remotely controlled – that then can be used for malicious activities, such as launching distributed denial-of-service attacks or cryptomining (see: Monero Mining Botnet Targets PostgreSQL Database Servers ).

See Also: 7 Ways to Take Cybersecurity to New Levels

The FreakOut botnet is targeting Linux-based systems that include the TerraMaster operating system, which manages TerraMaster network-attached storage servers; the Zend framework, designed to build web application services using PHP; and Liferay Portal, a web application platform that enables users to create portals and websites.

Each of these open-source systems has a vulnerability that the FreakOut botnet attempts to exploit, the researchers say. In the TerraMaster OS, the remote code execution flaw is tracked as CVE-2020-28188. The Zend framework deserialization bug is listed as CVE-2021-3007. And the deserialization vulnerability within the Liferay Portal is CVE-2020-7961.

Researchers urge users to patch these flaws to…