ZmEu (vulnerability scanner)

ZmEu is a computer vulnerability scanner which searches for web servers that are open to attack through the phpMyAdmin program,^[1] ^[2] ^[3] It also attempts to guess SSH passwords through brute-force methods,^[4] and leaves a persistent backdoor. It was developed in Romania and was especially common in 2012.

It is apparently named after Zmeu, a dragon-like being in Romanian folklore.^[5]

Log of a hacker running ZmEu on a webserver.

References

^ "Fortinet®'s FortiGuard Threat Landscape Research Team Reports Four Samples of Money Making Malware to Watch for in 2013 | Fortinet". Archived from the original on August 30, 2014. Retrieved September 29, 2014.
^ "Hacktivists Turn to ZmEu Scanning Tool to Compromise Websites, Fortinet Finds". 5 February 2013.
^ "ZmEu attacks: Some basic forensic". 24 February 2011.
^ "Google Code Archive - Long-term storage for Google Code Project Hosting".
^ "Attacks by ZmEu or w00tw00t robots". 21 July 2010.

This security software article is a stub. You can help Wikipedia by expanding it.

[1] "Fortinet®'s FortiGuard Threat Landscape Research Team Reports Four Samples of Money Making Malware to Watch for in 2013 | Fortinet". Archived from the original on August 30, 2014. Retrieved September 29, 2014.

[2] "Hacktivists Turn to ZmEu Scanning Tool to Compromise Websites, Fortinet Finds". 5 February 2013.

[3] "ZmEu attacks: Some basic forensic". 24 February 2011.

[4] "Google Code Archive - Long-term storage for Google Code Project Hosting".

[5] "Attacks by ZmEu or w00tw00t robots". 21 July 2010.

[1]

[2]

[3]

[4]

[5]