While performing routine security research, one of our threat analysts discovered the latest version of a Command and Control (C2) script, which is referred to as F-Automatical within the script’s code and was commonly known as FoxAuto in older versions. This is the seventh version of this automatic C2 script that is developed and distributed by a threat group called Anonymous Fox. This script is exactly as advertised: a script that automates tasks performed by a threat actor on a compromised web server. While this script is not used to exploit a vulnerability, it is a post-exploitation script that is run from a location under the threat actor’s control and can be used to maintain persistence or upload additional malware on a website that the threat actor has already accessed through an exploited vulnerability.
You may also like
How to Do an SEO Competitor Analysis in WordPress (2 Easy Ways)
Are you wondering what strategies your...
Download a Free Jewelry Designer Theme Builder Pack for Divi
It’s time for another freebie! This time, we’re...
Divi Assistant Plugin for WordPress
Divi makes it easy to customize your website via...