Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool
Aug 03, 2024
DDoS Attack / Server Security
Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks. The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers. Attack chains entail the exploitation of internet-exposed Jupyter Notebook instances to run wget commands for fetching a ZIP archive hosted on a file-sharing site called Filebin. The ZIP file contains two Java archive (JAR) files, conn.jar and mineping.jar, with the former used to establish connections to a Discord channel and trigger the execution of the mineping.jar package. "This attack aims to consume the resources of the target server by sending a large number of TCP connection requests," Aqua researcher Assaf Morag said . "The results are written to the Discord channel." The attack campaign has bee