Software:ZmEu (vulnerability scanner)

From HandWiki
Short description: Program scanning for vulnerabilities in phpMyAdmin web servers.

ZmEu is a computer vulnerability scanner which searches for web servers that are open to attack through the phpMyAdmin program,[1] [2] [3] It also attempts to guess SSH passwords through brute-force methods,[4] and leaves a persistent backdoor. It was developed in Romania and was especially common in 2012.

It is apparently named after Zmeu, a dragon-like being in Romanian folklore.[5]

Log of a hacker running ZmEu on a webserver.

References

  1. "Fortinet®'s FortiGuard Threat Landscape Research Team Reports Four Samples of Money Making Malware to Watch for in 2013 | Fortinet". http://www.fortinet.com/press_releases/130204.html. 
  2. "Hacktivists Turn to ZmEu Scanning Tool to Compromise Websites, Fortinet Finds". 5 February 2013. http://news.softpedia.com/news/Hacktivists-Turn-to-ZmEu-Scanning-Tool-to-Compromise-Websites-Fortinet-Finds-326827.shtml. 
  3. "ZmEu attacks: Some basic forensic". 24 February 2011. http://ensourced.wordpress.com/2011/02/25/zmeu-attacks-some-basic-forensic/. 
  4. "Google Code Archive - Long-term storage for Google Code Project Hosting". https://code.google.com/p/caffsec-malware-analysis/wiki/ZmEu. 
  5. "Attacks by ZmEu or w00tw00t robots". 21 July 2010. http://linux.m2osw.com/zmeu-attack. 



Retrieved from "https://handwiki.org/wiki/index.php?title=Software:ZmEu_(vulnerability_scanner)&oldid=2130824"