Araneida Scanner: Cracked Acunetix Web App & API Scanner Discovered
Dec. 20, 2024, 11:42 a.m.
Tags
External References
Description
Silent Push Threat Analysts have uncovered the Araneida Scanner, a cracked version of Acunetix being used for illegal purposes. The scanner is employed for offensive reconnaissance, user data scraping, and vulnerability exploitation. It was detected during a partner's reconnaissance effort, prompting an investigation. The tool is being promoted on Telegram, where actors boast about taking over thousands of websites and selling stolen credentials. A separate Chinese-language panel, also likely using cracked Acunetix software, was discovered. Both tools pose significant threats for reconnaissance prior to sophisticated attacks. The investigation revealed multiple IP addresses hosting Araneida customer panels and the continued sale of the scanner through a specific domain.
Date
Published: Dec. 20, 2024, 8:49 a.m.
Created: Dec. 20, 2024, 8:49 a.m.
Modified: Dec. 20, 2024, 11:42 a.m.
Indicators
205.234.181.204
163.5.32.72
163.5.32.204
163.5.32.203
163.5.32.202
163.5.32.179
163.5.169.45
163.5.169.250
157.254.237.94
23.26.77.145
163.5.210.49
fofa.su
araneida.co
Attack Patterns
Araneida Scanner
T1596
T1589
T1113
T1590
T1595
T1046
T1592
T1190
T1078
T1059
Additional Informations
Technology
China
France
United Kingdom of Great Britain and Northern Ireland
United States of America