Tag: pwnrig

2 Attack Reports | 0 Vulnerabilities

Attack reports

Hadooken and K4Spreader: The 8220 Gang's Latest Arsenal

This analysis uncovers a significant infection chain targeting Windows and Linux systems through Oracle WebLogic vulnerabilities. The attackers, likely the 8220 Gang, exploit CVE-2017-10271 and CVE-2020-14883 to deploy malware including K4Spreader, Tsunami backdoor, and cryptominers. The infection …
china
botnet
cryptomining
brazil
pwnrig
tsunami
k4spreader
weblogic
hadooken
2024-10-01
CVE-2017-10271
CVE-2020-14883
Published: October 1, 2024
Linked vulnerabilities : CVE-2023-46604, CVE-2020-14883, CVE-2017-10271
Downloadable IOCs: 62

Mining Gang's New Tool: k4spreader

QIanxin describes the discovery and analysis of k4spreader, a new malware installer and spreader tool developed by the 8220 mining gang. k4spreader is written in cgo and implements system persistence, self-updating, and releasing other malware like the Tsunami botnet and PwnRig miner. The tool is s…
botnet
2024-07-02
pwnrig
mining
tsunami
spreader
k4spreader
Published: July 2, 2024
Downloadable IOCs: 35
Click here to see more Attack Reports