8220 Gang: Unleashing Malware through Oracle WebLogic Server Vulnerability

December 19, 2023

The 8220 Gang, a threat actor group, has been exploiting a vulnerability in Oracle WebLogic Server to spread malware. The vulnerability, tracked as CVE-2020-14883, is a high-severity flaw that allows authenticated attackers to execute code on susceptible servers. The group has a history of leveraging security flaws to distribute cryptojacking malware and has previously targeted Oracle WebLogic servers. In recent attack chains observed by security researchers, CVE-2020-14883 is exploited to deploy stealer and coin-mining malware. The group targets various industries and countries, including the healthcare, telecommunications, and financial services sectors in the U.S., South Africa, Spain, Colombia, and Mexico. Although considered unsophisticated, the group constantly evolves its tactics to evade detection.
