Our application firewall has blocked access from a new robot used to attack weak points on many websites.
The robot was discovered on June 16 and is identified by including the following text in its connection data: die ("Hello, Peppa!").
Its goal is to search for backdoors that may have been installed on your website at some point without your knowledge.
During the first month alone, more than 120,000 "Hello, Peppa!" attacks were detected, all targeting port 80.
The URLs most commonly attacked by this robot include:
| /7788.php |
| /8899.php |
| /9678.php |
| /conflg.php |
| /db.init.php |
| /db__.init.php |
| /db_session.init.php |
| /mx.php |
| /qq.php |
| /s.php |
| /sheep.php |
| /w.php |
| /wc.php |
| /wshell.php |
| /wuwu11.php |
| /xshell.php |
| /xw.php |
| /xx.php |
Is my website in danger?
If you are a Bacan client, do not worry. You are protected against this robot by our security layers.