JBoss Worm

  • Stratosphere

    (@stratosphere)


    9 years, 4 months ago

    Update 6.3.0 went well, no problems and just takes a little getting used to where every thing is from the pervious version.

    This morning the following IP 192.241.128.196 was permitted to access my site. It was caught by another plugin called Bad Behaviour.

    I researched it’s access which is: GET/zecmd/zecmd.jsp?comment=id HTTP/1.0 and found it refers to a hack called Jboss Worm which seems to be an old one.

    I did a scan and found no hacking alerts, just to update another plugin I have.
    I traced the IP to Digital Ocean which is a hosting company in New York City, which is also a spam/hacker nest who try to access our site every day – probably on automatic software.
    I block them every day also but this new attempt is more revealing.
    Should I be concerned?

Viewing 1 replies (of 1 total)
  • Thread Starter Stratosphere

    (@stratosphere)

    9 years, 4 months ago

    Bump. Any one chime in here? Did you ever seen this request before?

    GET/zecmd/zecmd.jsp?comment=id HTTP/1.0

    thank you.

Viewing 1 replies (of 1 total)

The topic ‘JBoss Worm’ is closed to new replies.