GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module



September 04, 2025 at 11:28PM

Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services (IIS) module

from The Hacker News https://ift.tt/ZqMcUn3

Genrerating Link.... 15 seconds.

Your Link is Ready.

Share this post