Malware Controlling Thousands of Sites in the Parrot TDS Network Discovered by Researchers According to new research.
the Parrot traffic direction system (TDS) that was revealed earlier this year had a greater impact than previously thought.
Sucuri, which has been tracking the same campaign under the name “NDSW/NDSX” since February 2019, stated that .
“the malware was one of the top infections” detected in 2021, accounting for over 61,000 websites.
Avast, a Czech cybersecurity company.
documented Parrot TDS in April 2022, noting that the PHP.
script had ensnared web servers hosting more than 16,500 websites to act as a gateway for further attack campaigns.
content management systems (CMS) like WordPress.
which are then said to have been breached by exploiting weak login credentials and vulnerable plugins.
In addition to using various obfuscation techniques to conceal the code.
according to Sucuri researcher Denis Sinegubko.
NDSW campaign discovered typical obfuscated PHP malware
“The NDSW malware campaign is extremely successful because it employs a versatile exploitation toolkit that is constantly updated with new disclosed and zero-day vulnerabilities,” Sinegubko said.
“Once the bad actor has gained unauthorized access to the environment, they install various backdoors and CMS admin users to maintain access to the compromised website long after the original vulnerability has been fixed.”
Have you enjoyed reading this article? To read more exclusive material from THN, follow us on Facebook. Malware Controlling Thousands of Sites in the Parrot TDS Network Discovered by Researchers