Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool

Cybersecurity researchers have revealed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks.

The campaign, named Panamorfi by cloud security firm Aqua, uses a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is typically a DDoS package designed for Minecraft game servers.

The attack chain involves exploiting internet-exposed Jupyter Notebook instances to execute wget commands that fetch a ZIP archive from a file-sharing site called Filebin.

The ZIP file contains two Java archive (JAR) files, conn.jar and mineping.jar. The conn.jar file is used to establish connections to a Discord channel and trigger the execution of the mineping.jar package.

“This attack aims to consume the resources of the target server by sending a large number of TCP connection requests,” explained Aqua researcher Assaf Morag. “The results are written to the Discord channel.”

The attack campaign has been linked to a threat actor known as yawixooo, who has a GitHub account with a public repository containing a Minecraft server properties file.

This is not the first time internet-accessible Jupyter Notebooks have been targeted by adversaries. In October 2023, a Tunisian threat actor named Qubitstrike was observed breaching Jupyter Notebooks to illicitly mine cryptocurrency and infiltrate cloud environments.

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

error: Content is protected !!

Sign Up for CXO Digital Pulse Newsletters

Sign Up for CXO Digital Pulse Newsletters to Download the Research Report

Sign Up for CXO Digital Pulse Newsletters to Download the Coffee Table Book

Sign Up for CXO Digital Pulse Newsletters to Download the Vision 2023 Research Report

Download 8 Key Insights for Manufacturing for 2023 Report

Sign Up for CISO Handbook 2023

Download India’s Cybersecurity Outlook 2023 Report

Unlock Exclusive Insights: Access the article

Download CIO VISION 2024 Report

Share your details to download the report

Share your details to download the CISO Handbook 2024