Hacker News

Nextgrid, last Wednesday at 11:20 PM

A firewall blocking outgoing connections (except those whitelisted through the proxy) would’ve likely prevented the download of the malware (as it’s usually done by using the RCE to call a curl/wget command rather than uploading the binary through the RCE) and/or its connection to the mining server.


Replies

denkmoon, last Wednesday at 11:49 PM

How many people do proper egress filtering though, even when running a firewall?

drnick1, last Thursday at 4:47 AM

In practice, this is basically impossible to implement. As a user behind a firewall you normally expect to be able to open connections with any remote host.

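The egress policy described in Nextgrid's comment, sketched as an nftables ruleset for a server rather than a user workstation. This is an added example, not part of the thread; the proxy address 10.0.0.10:3128 and the resolver address 10.0.0.53 are constructed placeholders.

```nftables
#!/usr/sbin/nft -f
# Added example: default-deny egress on a server.
# Assumptions (not from the thread): 10.0.0.10:3128 is the allowlisting
# HTTP(S) proxy, 10.0.0.53 is the internal DNS resolver.

table inet egress_filter {
    chain output {
        # Anything not explicitly accepted below is dropped.
        type filter hook output priority 0; policy drop;

        # Local traffic and replies to connections that clients opened to us.
        oifname "lo" accept
        ct state established,related accept

        # Name resolution only through the internal resolver.
        ip daddr 10.0.0.53 udp dport 53 accept
        ip daddr 10.0.0.53 tcp dport 53 accept

        # Outbound HTTP(S) only through the proxy, which enforces the
        # destination allowlist (package mirrors, APIs the service needs).
        ip daddr 10.0.0.10 tcp dport 3128 accept

        # Everything else: log at a bounded rate, count, and reject.
        # A direct curl/wget to an arbitrary host, or a connection to a
        # mining pool, ends up here. No ip6 rules are present, so IPv6
        # egress is refused as well.
        limit rate 10/minute log prefix "egress-drop: "
        counter reject with icmpx type admin-prohibited
    }
}
```

The `egress-drop:` log lines double as a detection signal: on a server with a fixed set of dependencies, any hit is worth investigating.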