Tag: badpotato
3 attack reports | 0 vulnerabilities
Attack reports
DragonRank, a Chinese-speaking SEO manipulator service provider
Cisco Talos is disclosing a new threat called “DragonRank” that primarily targets countries in Asia and a few in Europe, operating PlugX and BadIIS for search engine optimization (SEO) rank manipulation.
Downloadable IOCs 35
Analysis of CoinMiner Attacks Targeting Web Servers
The report details two separate attack cases targeting a Korean medical institution's web server, resulting in the installation of CoinMiners. The targeted server was a Windows IIS server, likely with PACS software installed. In both attacks, web shells were uploaded, and system information was col…
Downloadable IOCs 59
Analysis of Coin Miner Attack Case Against Domestic Web Server
ASEC has recently confirmed an attack on a domestic medical institution to install a coin miner. The web server that was targeted was a Windows IIS server, and the path name on which the web shell was uploaded suggests that it is a system with the Picture Archiving and Communication System (PACS) p…
Downloadable IOCs 10