Godzilla Web Shell

Malware Profile Updated 4 days ago
The Godzilla Web Shell is a type of malware, or malicious software, designed to exploit and damage computer systems. It operates by infiltrating a system through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, it can steal personal information, disrupt operations, or even hold data hostage for ransom.

Threat actors have been exploiting a flaw in Apache ActiveMQ to deliver the Godzilla Web Shell, according to multiple reports. Apache ActiveMQ is a popular open-source messaging and Integration Patterns server, and its vulnerability has provided an avenue for hackers to deploy this harmful malware. This exploitation underscores the critical importance of maintaining up-to-date security measures and robust access controls to prevent such attacks.

In another instance, the importance of proactive cybersecurity measures was further highlighted when hackers deployed the Godzilla Web Shell by exploiting a flaw in a WordPress plugin. WordPress, being one of the most widely used content management systems, presents a lucrative target for cybercriminals. This event emphasizes the need for regular software updates, rigorous security practices, and the use of trusted plugins to safeguard against such threats.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Godzilla | 3 | "Godzilla" is a potent malware that has been active in the cybercrime landscape since at least 2018. This malicious software allows attackers to remotely control compromised servers, execute arbitrary commands, manipulate databases, and perform other harmful activities. The malware is often deployed
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Vulnerability
Exploit
Activemq
Associated Malware
ID | Type | Votes | Profile Description
No associations to display
Associated Threat Actors
ID | Type | Votes | Profile Description
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
No associations to display
Source Document References
Information about the Godzilla Web Shell Malware was read from the documents corpus below. This display is limited to 20 results.
Source | Created At | Title
Securityaffairs | 4 months ago | Security Affairs newsletter Round 456 by Pierluigi Paganini
Securityaffairs | 2 months ago | Security Affairs newsletter Round 465 by Pierluigi Paganini
Securityaffairs | 3 months ago | Security Affairs newsletter Round 461 by Pierluigi Paganini
Securityaffairs | 25 days ago | Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 2 months ago | Security Affairs newsletter Round 466 by Pierluigi Paganini
DARKReading | 4 months ago | Godzilla Web Shell Attacks Stomp on Critical Apache ActiveMQ Flaw
Securityaffairs | 4 days ago | Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | a month ago | Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 2 months ago | Security Affairs newsletter Round 463 by Pierluigi Paganini
DARKReading | 3 months ago | Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory
CERT-EU | 3 months ago | Cyber Security News Weekly Round-Up : Vulnerabilities & Cyber Attacks | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
Securityaffairs | 2 months ago | Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs | 3 months ago | Security Affairs newsletter Round 460 by Pierluigi Paganini
Securityaffairs | 3 months ago | Security Affairs newsletter Round 462 by Pierluigi Paganini
Securityaffairs | 3 months ago | Security Affairs newsletter Round 459 by Pierluigi Paganini
CERT-EU | 3 months ago | Hackers Exploit WordPress Plugin Flaw to Deploy Godzilla Web Shell
Securityaffairs | 2 months ago | Security Affairs newsletter Round 464 by Pierluigi Paganini
CERT-EU | 9 months ago | China-Linked Flax Typhoon Cyber Espionage Targets Taiwan's Key Sectors
Securityaffairs | 4 months ago | Security Affairs newsletter Round 457 by Pierluigi Paganini
MITRE | a year ago | Tarrask malware uses scheduled tasks for defense evasion - Microsoft Security Blog