A highly sophisticated exploitation campaign is actively targeting FreePBX VoIP infrastructure to facilitate global telecom toll fraud. Cyble Research & Intelligence Labs (CRIL) attributes this activity with high confidence to INJ3CTOR3, a financially motivated threat actor active since 2019. The campaign introduces JOMANGY, a previously undocumented PHP webshell family, alongside the established ZenharR toolset. Every […]
The post Threat Actors Deploy Multi-Layer Persistence On Compromised FreePBX Servers appeared first on Cyber Security News.