“Unfortunately, Volexity has found that [many] organizations are silently being victimized through this very login page,” Volexity wrote in a blog post published Wednesday. “This begs the question: How are the attackers managing to pull this off?”
Methods to Install Backdoor
- An exploit that relies on a critical flaw (CVE-2014-3393) in the Clientless SSL VPN that Cisco patched more than 12 months ago.
- Hackers gaining administrative access and using it to load the malicious code.
- Medical Think Tank
- Universities, NGOs and Academic Institutions
- Multinational Electronics manufacturers
- Non-governmental organizations