Muhstik Takes Aim at Confluence CVE 2021-26084
released on 2021-09-09 @ 08:16:47 AM
In line with USCYBERCOM’s warning, publicly available Confluence exploit scripts are being integrated into opportunistic attackers’ toolkits.
Muhstik, a known threat actor targeting cloud and IoT, is one of these opportunistic attackers targeting vulnerable Confluence servers to spread their botnet.
Lacework Labs observed bash droppers with zero detections on VirusTotal being used in conjunction with CVE 2021-26084.