Tag: prometheustds

1 attack reports | 0 vulnerabilities

Attack reports

From IcedID to Dagon Locker Ransomware in 29 Days

Published: April 29, 2024

This intrusion started in August 2023 with a phishing campaign that distributed IcedID malware. The phishing operation utilized the Prometheus Traffic Direction System (TDS) to deliver the malware and victims were directed to a fraudulent website, mimicking an Azure download portal.

Downloadable IOCs 33

powershell
cobalt strike
anydesk
icedid
adfind
rclone
shell
encrypted
discovery
domain account
access token
manipulation
utility
modify system
aws collector
prometheustds
seatbelt
sharefinder
» Click here to see all Attack Reports «