all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Backdoor Targets FreePBX Asterisk Management Portal

Add to bookmarks
Dec. 15, 2022, 6:32 p.m. | Krasimir Konov

Sucuri Blog blog.sucuri.net

Written in PHP and JavaScript, FreePBX is a web-based open-source GUI that manages Asterisk, a voice over IP and telephony server. This open-source software allows users to build customer phone systems.


During a recent investigation, I came across a simple piece of malware targeting FreePBX’s Asterisk Management portal which allowed attackers to arbitrarily add and delete users, as well as modify the website’s .htaccess file.


Let’s take a closer look at this backdoor.


Continue reading Backdoor Targets FreePBX Asterisk Management …

asterisk backdoor black hat tactics hacked websites labs note management portal sucuri labs website backdoor website malware infections website security

Visit resource

More from blog.sucuri.net / Sucuri Blog

JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS 1 day ago | blog.sucuri.net
august black hat tactics campaign cloud +30
WordPress Maintenance: Tasks & Best Practices 2 days, 22 hours ago | blog.sucuri.net
best practices can expertise guide +10
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker 1 week, 1 day ago | blog.sucuri.net
admin amp area attackers +32
Web Shells: Types, Mitigation & Removal 1 week, 3 days ago | blog.sucuri.net
access attackers best practices compromised +33
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS 2 weeks, 2 days ago | blog.sucuri.net
adoption black hat tactics can cms +19
WordPress Vulnerability & Patch Roundup March 2024 3 weeks, 4 days ago | blog.sucuri.net
attacks automated awareness best practices +32
Sign1 Malware: Analysis, Campaign History & Indicators of Compromise 4 weeks, 2 days ago | blog.sucuri.net
analysis campaign clear client +20
What is .htaccess Malware? (Detection, Symptoms & Prevention) 1 month ago | blog.sucuri.net
attackers black hat black hat seo black hat tactics +23
Sucuri WordPress Plugin Updates for 2024 1 month ago | blog.sucuri.net
check download features free +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States
View on infosec-jobs.com

Associate DevSecOps Engineer

@ LinQuest | Los Angeles, California, United States
View on infosec-jobs.com

DORA Compliance Program Manager

@ Resillion | Brussels, Belgium
View on infosec-jobs.com

Head of Workplace Risk and Compliance

@ Wise | London, United Kingdom
View on infosec-jobs.com
View more jobs