Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: k4spreader

2 attack reports | 0 vulnerabilities

Attack reports

Hadooken and K4Spreader: The 8220 Gang's Latest Arsenal

This analysis uncovers a significant infection chain targeting Windows and Linux systems through Oracle WebLogic vulnerabilities. The attackers, likely the 8220 Gang, exploit CVE-2017-10271 and CVE-2020-14883 to deploy malware including K4Spreader, Tsunami backdoor, and cryptominers. The infection …

china
botnet
cryptomining
brazil
pwnrig
tsunami
k4spreader
weblogic
hadooken
2024-10-01
CVE-2017-10271
CVE-2020-14883
Published: October 1, 2024

Downloadable IOCs 62

Mining Gang's New Tool: k4spreader

QIanxin describes the discovery and analysis of k4spreader, a new malware installer and spreader tool developed by the 8220 mining gang. k4spreader is written in cgo and implements system persistence, self-updating, and releasing other malware like the Tsunami botnet and PwnRig miner. The tool is s…

botnet
2024-07-02
pwnrig
mining
tsunami
spreader
k4spreader
Published: July 2, 2024

Downloadable IOCs 35

» Click here to see all Attack Reports «