Crims Backdoored Their Backdoors. Then The Domains Lapsed
Summary: Researchers from watchTowr Labs have uncovered over 4,000 unique backdoors utilizing expired domains, exposing government and academic hosts to potential hijacking by malicious actors. This study highlights the risks associated with abandoned infrastructure and the ease with which attackers can exploit these vulnerabilities.

Threat Actor: Criminals exploiting backdoors
Victim: Government and academic institutions

Key Points:

  • watchTowr Labs identified over 4,000 compromised systems, including government and educational institutions.
  • Attackers can easily commandeer abandoned backdoors, gaining access without the effort of initial compromise.
  • Registered domains were used to log incoming requests, revealing multiple compromised hosts across various countries.
  • The research emphasizes the importance of maintaining control over infrastructure to prevent exploitation.

Source: https://www.theregister.com/2025/01/08/backdoored_backdoors/