Botnets have been silently mass-scanning the internet for unsecured ENV files – ZDNet


Drawing little attention to themselves, multiple threat actors have spent the past two to three years mass-scanning the internet for ENV files that have been accidentally uploaded and left exposed on web servers.

ENV files, or environment files, are a type of configuration file usually used by development tools.

Frameworks like Docker, Node.js, Symfony, and Django use ENV files to store environment variables, such as API tokens, passwords, and database logins.

Due to the nature of the data they hold, ENV files should always be stored in protected folders.

“I’d imagine a botnet is scanning for these files to find stored credentials that will allow the attacker to interact with databases like Firebase, or AWS instances, etc.,” Daniel Bunce, Principal Security Analyst for SecurityJoes, told ZDNet.

“If an attacker is able to get access to private API keys, they can abuse the software,” Bunce added.

More than 1,100 ENV scanners active this month alone

Application developers have often received warnings about malicious botnets scanning for GIT configuration files or for Source…
