No announcement yet.

Microsoft said the number of web shells has doubled since last year

  • Filter
  • Time
  • Show
Clear All
new posts

  • Microsoft said the number of web shells has doubled since last year

    Microsoft says it's seeing around 140,000 web shells a month, up from roughly 77,000 last August.

    Microsoft says the number of malicious web shells installed on web servers has almost doubled since its last count, last year in August 2020.

    The number has increased as a result of a shift in how hackers view web shells. Once considered a tool for script kiddies defacing websites and the go-to tool of DDoS botnet operators, web shells are now part of the arsenal of ransomware gangs and nation-state hackers alike and are crucial tools used in complex intrusions.

    Two of the reasons they have become so popular is their versatility and access they provide to hacked servers.

    Web shells, which are nothing more than simple scripts, can be written in almost any programming language that runs on a web server —such as PHP, ASP, JSP, or JS— and such, can be easily hidden inside a website's source code. This makes detecting them a difficult operation, which often involves a manual analysis from a human operator.

    In addition, web shells provide hackers with a simple way to execute commands on a hacked server via a graphical or command-line interface, providing attackers with a simple way to escalate attacks.