About 3.2 million systems vulnerable to ransomware attacks at JBoss servers.

 Many grade schools and organizations are known to be at risk.

Cybercriminals never sleep. They are using every opportunity to take advantage of system vulnerabilities to spread malware and infect computers. Ransomware is one of the most threatening malicious spreads in recent years, and unfortunately, the victims are growing in numbers. It turns to be a “profitable business” for the hackers who seek new ways to infect systems, encrypt their data and ask for a ransom in exchange.


Hackers target the JBoss web servers.

The new target of the hackers are the JBoss web servers, with thousands of servers already confirmed as compromised. Cisco’s Talos group security researchers have detected a large number of vulnerable internet-connected systems, which are running the out-of-date JBoss installations. One of them is the educational software developer Follett Destiny, which is creating library management software, sold worldwide. Cisco’s Talos group announced that hackers have found a way to install backdoors on the old software versions. These backdoors may introduce ransom code such as SamSam, and encrypt the data of millions of organizations, which are using the Follet’s outdated software at the JBoss servers.

Until now, about 2100 backdoors are known to be installed, but more than 3 million systems all around the world are at risk. Many of them are schools. Needless to say that the losses from a potential ransomware attack over such a vast number of organizations would lead to huge expenses and will surely disturb their functions. They will not be able to operate without access to their database. Unfortunately, cyber criminals know that very well, and that’s why ransomware is becoming their favorite technique to racket organizations for their encrypted data in exchange for a huge ransom.

However, there is a good news for the JBoss servers’ users. Follet is taking actions against the software holes and has a patching system that should fix the flaws in the older software versions. It can also detect potentially threatening files that might be used to compromise the JBoss servers. The company has also taken actions to notify the users about the security risk. Their technical staff provides support to all customers, who have found suspicious files in their system.

This, of course, cannot guarantee a full protection from getting infected, because these patches would be able to fix system vulnerabilities for 9.0 to 13.5 software versions only. There is still no solution for those, who use a software too old to get the patches. However, it looks like the company has taken measures to gain control over the situation before it gets completely out of hand and cause a major risk.

In case you are concerned, our “How to remove” experts would advise you to update your software and pay attention to every suspicious looking file or activity on your PC. You can also update your antivirus and set it for a regular system check. Follow the basic online security rules to stay away from potential threats. An outdated software is an invitation for any sorts of malicious programs, that’s why staying up-to-date is crucial for your safety.