In a recent development, the Mirai botnet is targeting servers running the OFBiz enterprise resource planning (ERP) platform. The attack vector used in this campaign exploits a severe OWASP class 2 issue in OFBiz: a directory traversal vulnerability.
Directory traversal is a type of security issue in which a user can submit resource requests for directories outside the path they are allowed to access. This weakness lets Mirai perform unauthorized actions and defeat security controls to reach the system resources it wants. Once a server has been infiltrated, it becomes a node of the Mirai botnet, a network made up entirely of infected devices.
The consequences of a Mirai infection are severe. As part of the botnet, OFBiz servers can be used for numerous purposes, such as DDoS attacks, spam campaigns, and cryptojacking. These attacks can interrupt business activities and damage reputation, resulting in financial loss. Data theft is also a major danger because, in many cases, compromised servers hold the personal data of users and employees as well as records of the company's financial operations.
The only way organizations can safeguard against Mirai attacks and negate the dangers tied to the OFBiz weakness is to adopt a multilayered security plan. This comprises constantly patching the system and applying current security updates, periodically scanning the system for common vulnerabilities, and installing a good intrusion detection and prevention system.
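As an added example (not from the original article or the OFBiz project), the following sketch shows the kind of check an intrusion detection layer can run over web access logs to spot directory traversal attempts, including percent-encoded and double-encoded forms. The log format, request paths, IP addresses and function names are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# Request line inside a common-log-format entry, e.g. "GET /path HTTP/1.1"
REQUEST_RE = re.compile(r'"(?:GET|POST|PUT|DELETE|HEAD|OPTIONS) (\S+) HTTP/[\d.]+"')
MAX_DECODE_ROUNDS = 3  # assumption: enough to unwrap double or triple encoding


def normalize_path(raw_target: str) -> str:
    """Drop the query string, undo nested percent-encoding, unify separators."""
    path = raw_target.split("?", 1)[0]
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def has_traversal(raw_target: str) -> bool:
    """True if any path segment is exactly '..' after normalization."""
    return ".." in normalize_path(raw_target).split("/")


def flag_log_lines(lines):
    """Return (client_ip, request_target) for each line with a traversal attempt."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if match and has_traversal(match.group(1)):
            hits.append((line.split(" ", 1)[0], match.group(1)))
    return hits


# Constructed sample log lines (documentation IP ranges, hypothetical paths)
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2025:10:00:00 +0000] "GET /app/control/main HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2025:10:00:05 +0000] "GET /app/static/../../conf/secrets HTTP/1.1" 404 0',
    '198.51.100.4 - - [01/Jan/2025:10:00:09 +0000] "POST /app/%2e%2e/%2e%2e/admin HTTP/1.1" 403 0',
    '198.51.100.4 - - [01/Jan/2025:10:00:11 +0000] "GET /app/%252e%252e%255cadmin HTTP/1.1" 403 0',
    '192.0.2.15 - - [01/Jan/2025:10:00:20 +0000] "GET /app/files/report..v2.pdf HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for ip, target in flag_log_lines(SAMPLE_LOG):
        print(f"traversal attempt from {ip}: {target}")
```

The check covers only the path component of the request; parameters in the query string or request body need their own inspection.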
By understanding the problem Mirai poses and carrying out preventive measures in their OFBiz environments, organizations can reduce the probability of falling victim to this malicious attack in the future.