ZmEu (vulnerability scanner)

From Wikipedia, the free encyclopedia

ZmEu is a computer vulnerability scanner which searches for web servers that are open to attack through the phpMyAdmin program,[1] [2] [3] It also attempts to guess SSH passwords through brute-force methods,[4] and leaves a persistent backdoor. It was developed in Romania and was especially common in 2012.

It is apparently named after Zmeu, a dragon-like being in Romanian folklore.[5]

Log of a hacker running ZmEu on a webserver.


  1. ^ "Fortinet®'s FortiGuard Threat Landscape Research Team Reports Four Samples of Money Making Malware to Watch for in 2013 | Fortinet". Archived from the original on August 30, 2014. Retrieved September 29, 2014.
  2. ^ "Hacktivists Turn to ZmEu Scanning Tool to Compromise Websites, Fortinet Finds". 5 February 2013.
  3. ^ "ZmEu attacks: Some basic forensic". 24 February 2011.
  4. ^ "Google Code Archive - Long-term storage for Google Code Project Hosting".
  5. ^ "Attacks by ZmEu or w00tw00t robots". 21 July 2010.