Sysrv-K Botnet

Released: May 14, 2022


High Severity

Vulnerability Type


Cryptocurrency miner on Windows & Linux

The Sysrv botnet is known for exploiting vulnerabilities in web apps and databases to install coin miners on both Windows and Linux systems.

Common Vulnerabilities and Exposures

CVE-2022-22947

Background

As reported by Microsoft: "We encountered a new variant of the Sysrv botnet, known for exploiting vulnerabilities in web apps and databases to install coin miners on both Windows and Linux systems. The new variant, which we call Sysrv-K, sports additional exploits and can gain control of web servers." These vulnerabilities, which have all been addressed by security updates, include old vulnerabilities in WordPress plugins, as well as newer vulnerabilities like CVE-2022-22947. Once running on a device, Sysrv-K deploys a cryptocurrency miner.

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.


May 13, 2022: https://twitter.com/MsftSecIntel/status/1525158219206860801


May 16, 2022: CISA added the vulnerability to its Known Exploited Vulnerabilities catalog.

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT
  • IPS
  • Web App Security

DETECT
  • Outbreak Detection
  • Threat Hunting

RESPOND
  • Assisted Response Services
  • Automated Response

RECOVER
  • NOC/SOC Training
  • End-User Training

IDENTIFY
  • Attack Surface Hardening

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.


