Source |
AlienVault Lab Blog |
Identifier |
2921360 |
Publication date |
2021-06-14 10:00:00 (viewed: 2021-06-14 10:05:19) |
Title |
Malware hosting domain Cyberium fanning out Mirai variants |
Text |
Executive summary
AT&T Alien Labs has observed the Mirai variant botnet, known as Moobot, scanning for known but uncommon vulnerabilities in Tenda routers, resulting in a considerable peak in our internal telemetry. The research associated with this peak resulted in the discovery of a malware hosting domain, providing several different Mirai variants, like Moobot and Satori.
Key points:
AT&T Alien Labs identified a short but intense peak in scanning for Tenda routers, which had been uncommon in previous months.
The Cyberium malware hosting domain has been serving Mirai variants for several known, but different botnets over the past year.
Our research team has gathered intelligence from previous campaigns launched by this same attacker; though they made changes in their infrastructure and payloads, they have mostly recycled their tactics and techniques.
Analysis
During the end of March, AT&T Alien Labs observed a spike in exploitation...
Posted by:
Fernando Martinez
|
Notes |
|
Sent |
Yes |
Tags |
Malware
|
Stories |
Satori
|