Tag: CVE-2022-21587

2 Attack Reports | 0 Vulnerabilities

Attack reports

Mozi Resurfaces as Androxgh0st Botnet: Unraveling The Latest Exploitation Wave

The Androxgh0st botnet, active since January 2024, has evolved to incorporate Mozi botnet payloads, expanding its attack surface from web servers to IoT devices. It exploits vulnerabilities in various platforms, including Cisco ASA, Atlassian JIRA, and PHP frameworks, utilizing remote code executio…
iot
botnet
credential theft
CVE-2024-4577
vulnerability exploitation
CVE-2018-10562
CVE-2018-10561
androxgh0st
remote code execution
routers
CVE-2022-1040
mozi
CVE-2022-21587
CVE-2024-36401
CVE-2021-41277
CVE-2023-1389
CVE-2021-26086
CVE-2014-2120
2024-11-12
web servers
persistent access
Published: November 12, 2024
Linked vulnerabilities : CVE-2024-4577 (CVSS 9.8), CVE-2021-41773, CVE-2018-15133, CVE-2017-9841, CVE-2022-1040, CVE-2021-41277, CVE-2018-10562, CVE-2014-2120, CVE-2021-26086, CVE-2024-36401, CVE-2022-21587, CVE-2018-10561, CVE-2023-1389
Downloadable IOCs: 10

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

The AndroxGh0st malware has expanded its capabilities by incorporating the Mozi botnet to target IoT devices and cloud services. This Python-based tool, known for attacking Laravel applications, now exploits a wider range of vulnerabilities in internet-facing applications. The malware uses remote c…
iot
botnet
wordpress
CVE-2024-4577
CVE-2018-10562
CVE-2018-10561
androxgh0st
remote code execution
cloud services
credential stealing
CVE-2022-1040
2024-11-08
mozi
laravel
CVE-2022-21587
CVE-2024-36401
CVE-2021-41277
CVE-2023-1389
CVE-2021-26086
CVE-2014-2120
Published: November 8, 2024
Downloadable IOCs: 1
Click here to see more Attack Reports