Mr_Rot13 Hacker Group Targets cPanel Flaws for Backdoor Attacks A threat actor known as Mr_Rot13 has been exploiting a recently disclosed critical cPanel flaw to deploy a backdoor called Filemanager on compromised systems. The vulnerability (CVE-2024-41940) affects cPanel’s WebHost Manager, allowing authentication bypass and remote takeover. According to XLab researchers, the flaw has been abused by multiple threat actors shortly after its public disclosure last month, leading to cryptocurre

12-May-2026 BitNewsBot

Mr_Rot13 Hacker Group Targets cPanel Flaws for Backdoor Attacks A threat actor known as Mr_Rot13 has been exploiting a recently disclosed critical cPanel flaw to deploy a backdoor called Filemanager on compromised systems. The vulnerability (CVE-2024-41940) affects cPanel’s WebHost Manager, allowing authentication bypass and remote takeover. According to XLab researchers, the flaw has been abused by multiple threat actors shortly after its public disclosure last month, leading to cryptocurrency mining, ransomware, botnet spread, and backdoor implants. Monitoring shows over 2,000 attacker IPs worldwide are involved in automated attacks. The exploitation uses a shell script to download a Go-based infector from a remote server, which then implants an SSH key for persistent access and drops a PHP web shell. That web shell injects JavaScript to steal login credentials and sends them to an attacker-controlled system. The backdoor supports file management, remote command execution, and shell access. It also collects host data like bash history, SSH details, database passwords. Evidence suggests Mr_Rot13 has operated silently for years, with infrastructure linked to samples dating back to 2020.

Attacker identified as Mr_Rot13 exploits critical cPanel flaw (CVE-2024-41940) allowing remote authentication bypass and system takeover Deploys Filemanager backdoor via […]
Also read: Hims & Hers Health (HIMS) Stock: Earnings Miss Hits Shares Despite Revenue Growth
Next
Author's Name
telegram Telegram Twitter Twitter Linkedin Linkedin Instagram Instagram
About Author Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nunc fermentum lectus eget interdum varius. Curabitur ut nibh vel velit cursus molestie. Cras sed sagittis erat. Nullam id ante hendrerit, lobortis justo ac, fermentum neque. Mauris egestas maximus tortor. Nunc non neque a quam sollicitudin facilisis. Maecenas posuere turpis arcu, vel tempor ipsum tincidunt ut.
Read More Articles by Author
WHAT'S YOUR OPINION?
Related News