From Automation to Exploitation: The Growing Misuse of Selenium Grid for Cryptomining and Proxyjacking
Sept. 17, 2024, 11:28 a.m.
Description
Date
Published | Created | Modified |
---|---|---|
Sept. 17, 2024, 11:14 a.m. | Sept. 17, 2024, 11:14 a.m. | Sept. 17, 2024, 11:28 a.m. |
Indicators
Attack Patterns
GSocket
perfcc
T1574.006
T1053.003
T1568.002
T1070.003
T1059.006
T1027.002
T1059.004
T1070.004
T1005
T1496
T1140
CVE-2021-4043