Hakai and Yowai botnets abuse ThinkPHP vulnerabilities

Posted by bassolino at 2020-04-02

The botnets can be used to breach web servers and launch DDoS attacks against websites. They exploit a vulnerability in the ThinkPHP framework’s invokeFunction method to execute malicious code on the underlying server, Trend Micro researchers said in a Jan. 25 blog post.

“Cybercriminals use websites created using the PHP framework to breach web servers via dictionary attacks on default credentials and gain control of these routers for distributed denial of service attacks (DDoS),” the post said. “Our telemetry showed that these two particular malware types caused a sudden increase in attacks and infection attempts from January 11 to 17.”

Once the Yowai botnet infects a router, it uses dictionary attacks in an attempt to infect other devices, while the affected router becomes part of a botnet that enables its operator to use the affected devices to launch DDoS attacks.