Matrix Unleashes A New Widespread DDoS Campaign

Nov. 27, 2024, 6:32 p.m.

Description

A new widespread Distributed Denial-of-Service (DDoS) campaign orchestrated by a threat actor named Matrix has been uncovered. The operation combines public scripts, brute-force attacks, and exploitation of weak credentials to create a botnet capable of global disruption. Matrix targets vulnerabilities and misconfigurations across internet-connected devices, particularly IoT and enterprise systems. The campaign demonstrates how accessible tools and minimal technical knowledge can enable large-scale cyberattacks. Despite showing Russian affiliation, the absence of Ukrainian targets suggests a focus on financial gain rather than political motives. The threat actor is actively targeting both development and production servers, marking an evolution in DDoS activities.

Date

Published: Nov. 27, 2024, 6:19 p.m.

Created: Nov. 27, 2024, 6:19 p.m.

Modified: Nov. 27, 2024, 6:32 p.m.

Indicators

Attack Patterns

DiscordGo

PYbot

Mirai

Matrix

T1563.001

T1059.006

T1135

T1110

T1562.001

T1554

T1005

T1573

T1496

T1543

T1102

T1210

T1046

T1036

T1498

T1190

T1078

CVE-2022-30075

CVE-2018-9995

CVE-2017-17106

CVE-2018-10562

CVE-2024-27348

CVE-2021-20090

CVE-2017-18368

CVE-2018-10561

CVE-2014-8361

CVE-2022-30525

CVE-2017-17215

Additional Information

Technology

Telecommunications

China

Japan