Deep 'turkey' attacks Solaris 10 operating system

Sun Microsystems Solaris 10 OS is being attacked by a new worm called 'turkey' from the end of last month thanks to taking advantage of the flaw in this operating system. The new worm is called Unix / Froot-A (or Wanuk) and the reason is

Sun Microsystems Solaris 10 OS is being attacked by a new "turkey" worm from the end of last month thanks to taking advantage of the flaw in this operating system.

The new worm is called Unix / Froot-A (or Wanuk ) and the reason is called "turkey" because in the source part of the worm there is a picture of a turkey drawn with ASCII characters.

The zero-day exploit exploited by Unix / Froot-A has been patched up by Sun three days after the first exploit code was released last month. The vulnerability lies in the Telnet process, which is used to connect Telnet clients together, allowing hackers to access the system without needing a password. The attacker can fully control the system through this vulnerability.

images 1 of Deep 'turkey' attacks Solaris 10 operating system — *Images 1 of Deep 'turkey' attacks Solaris 10 operating system*

Unix / Froot-A scans port 23 to check if Telnet is running, and then sends data to exploit the vulnerability. The infected computers will then perform the task of scanning other computers for vulnerabilities.

Security firm Sophos said it has not received a report of an attack on Sun Microsystems through the flaw. Solaris users are recommended to install the latest fixes and disable the Telnet feature.

Marvin Fry

Update 26 May 2019

« PREV : What to do before...

In February, Vietnam... : NEXT »