AndroxGh0st.Malware
Description
This indicates an attempt to use AndroxGh0st.
AndroxGh0st is a malicious Python malware targeting primarily Laravel .env files.
Outbreak Alert
FortiGuard Labs continue to observe widespread activity of Androxgh0st Malware in the wild exploiting multiple vulnerabilities, specifically targeting- the PHPUnit (CVE-2017-9841), Laravel Framework (CVE-2018-15133) and Apache Web Server (CVE-2021-41773) to spread and conduct information gathering attacks on the target networks
Affected Products
Any vulnerable Laravel servers.
Impact
System Compromise: Remote attacker can gain control of vulnerable systems.
Recommended Actions
Monitor the traffic for any suspicious activity.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |