Drupal Exploited like Crazy

It looks like https://github.com/nixawk/labs/issues/19 is being exploited like crazy right now.  I was getting hits trying to exploit it every 4 hours or so, then the rate sped up for a time.  Each hit was trying to download drupal.php from http://51.254.219.134.

Somebody has nulled out that file now, so infection rate will probably drop.

Leave a Reply

Your email address will not be published. Required fields are marked *