Author Topic: Any Fix From CWP Team for FACEFISH ATTACK  (Read 4779 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Any Fix From CWP Team for FACEFISH ATTACK
« on: June 01, 2021, 12:39:51 PM »
Hey CWP Team,

I am using latest version of CWP 0.9.8.1065 . Yesterday i received a mail from Linode VPS Provider info about FACEFISH ATTACK and set network restriction on my server is this any fix for this attack
https://blog.netlab.360.com/ssh_stealer_facefish_en/ check this about server attack info how it works. and provide new update for remove this virus from server.

Thanks.

Offline
*
Re: Any Fix From CWP Team for FACEFISH ATTACK
« Reply #1 on: June 02, 2021, 05:57:52 AM »
if you have automatic updates (enabled by default) then you are secure from those kinds of attacks as cwp updates automatically fix all issues.
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Offline
*
Re: Any Fix From CWP Team for FACEFISH ATTACK
« Reply #2 on: June 02, 2021, 10:37:11 AM »
hey,
thanks for info . Updates for CWP enable by default then why Linode set network restriction for server.

Offline
*
Re: Any Fix From CWP Team for FACEFISH ATTACK
« Reply #3 on: June 02, 2021, 12:05:21 PM »
Add this to the csf.deny files and restart csf

tcp/udp|in/out|s/d=0_64000|s/d=176.111.174.26 # do not delete facefish control center ip

This will prevent any communications to the facefish control center and thus reduce the chances of damage.

Offline
*
Re: Any Fix From CWP Team for FACEFISH ATTACK
« Reply #4 on: June 03, 2021, 04:30:41 PM »
This is quite concerning. Do we know what version of CWP are affected and how to properly prevent the attacks? CWP Team, can you please let us know the proper mitigation for this attack or what versions it has been resolved in?