Abandoned Backdoors: How Malicious Infrastructure Lives On

Researchers from watchTowr, an attack surface management vendor, studied abandoned malicious infrastructure, specifically web shells with backdoors. They hijacked these backdoors, redirecting traffic to their logging server and identifying 4,000 infected systems, including government and educational institutions. This research highlights the prevalence of web shells, often backdoored by their creators, and the potential for malicious actors to exploit abandoned infrastructure.