{"id":17448,"date":"2025-09-04T17:58:00","date_gmt":"2025-09-04T17:58:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/"},"modified":"2025-09-04T17:58:00","modified_gmt":"2025-09-04T17:58:00","slug":"ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/","title":{"rendered":"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam.<br \/>\nThe attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services (IIS) module<a href=\"https:\/\/thehackernews.com\/2025\/09\/ghostredirector-hacks-65-windows.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":17449,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-17448","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2025-09-04T17:58:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2025-09-04T17:58:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/09\\\/cyberattack-5ccwd4.jpg\",\"width\":728,\"height\":380},\"datePublished\":\"2025-09-04T17:58:00+00:00\",\"dateModified\":\"2025-09-04T17:58:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/09\\\/cyberattack-5ccwd4.jpg\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":728,\"height\":380},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/09\\\/04\\\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2025-09-04T17:58:00+00:00\",\"dateModified\":\"2025-09-04T17:58:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/#blogposting","name":"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/09\/cyberattack-5ccwd4.jpg","width":728,"height":380},"datePublished":"2025-09-04T17:58:00+00:00","dateModified":"2025-09-04T17:58:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/#listItem","name":"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/","name":"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/09\/cyberattack-5ccwd4.jpg","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/#mainImage","width":728,"height":380},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2025-09-04T17:58:00+00:00","dateModified":"2025-09-04T17:58:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services","og:url":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/","article:published_time":"2025-09-04T17:58:00+00:00","article:modified_time":"2025-09-04T17:58:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services"},"aioseo_meta_data":{"post_id":"17448","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2025-09-04 19:05:44","updated":"2025-10-15 16:36:52","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tGhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2025\/09\/04\/ghostredirector-hacks-65-windows-servers-using-rungan-backdoor-and-gamshen-iis-module-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17448","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=17448"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17448\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/17449"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=17448"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=17448"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=17448"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}