Hacked by Infection Group (Check your Modernbill Version)
Hi,
One of our servers was hacked by "Infection Group" and all index files were replaced by modified index.html files.
So far I only found two executable files called l_all.exe and ram.exe in /tmp
Does anyone have experience with this or know how they did it and what to check for?
Any help would be appreciated.
Hi,
One of our servers was hacked by "Infection Group" and all index files were replaced by modified index.html files.
So far I only found two executable files called l_all.exe and ram.exe in /tmp
Does anyone have experience with this or know how they did it and what to check for?
Any help would be appreciated.