Microsoft: Web Shells Attacks Spreading Like Wildfire

Once a tool for script kiddies and now part of the arsenal of ransomware gangs and nation-state hackers, web shells have become crucial tools in complex intrusions. Due to the versatility and access provided by web shells, the volume of such attacks has almost doubled since last year, according to a recent report from the Microsoft Detection and Response Team.

Microsoft’s detection and tracking


Microsoft has reported that between August 2020 and January 2021, it observed around 140,000 web shells a month, up from roughly 77,000 last August.
Microsoft's stats have shown the crucial role of web shells as an entry point and persistence mechanism for attacks on public-facing systems in corporate IT networks.
Their flexible use with almost every programming language that runs on a web server, such as ASP, JSP, JS, or PHP, renders detection difficult.

How do web shells help?


Through web shell attacks, hackers can execute commands via a graphical or command-line interface on a hacked server, control the hacked server, steal data and login credentials, use the devices to launch two-stage attacks, and move laterally throughout the network.

You should also know


Recently, PHP malware was discovered that contained multiple backdoors and web shells and used whitespace obfuscation.
In January, the Chopper ASPX web shell named Backdoor.ASP.WEBSHELL.UWMANA was discovered in a targeted attack.
Hackers were using the BumbleBee web shell to upload an ..
