- The web server has been a typical target for attackers because it is publicly accessible for providing web services to a large number of users.
- AhnLab Security Intelligence Center (ASEC) monitors attacks targeting vulnerable web servers that have not been patched or are inadequately managed, and publishes confirmed attack cases through their blog.
- Recently, ASEC confirmed an attack case where a Korean medical institution was targeted and a coin miner was installed.
- The targeted web server was a Windows IIS server, and it is presumed to be a system with the PACS (Picture Archiving and Communication System) product installed based on the uploaded path of the web shell.
https://asec.ahnlab.com/ko/66860/