Tag: pwnrig
2 attack reports | 0 vulnerabilities
Attack reports
Hadooken and K4Spreader: The 8220 Gang's Latest Arsenal
This analysis uncovers a significant infection chain targeting Windows and Linux systems through Oracle WebLogic vulnerabilities. The attackers, likely the 8220 Gang, exploit CVE-2017-10271 and CVE-2020-14883 to deploy malware including K4Spreader, Tsunami backdoor, and cryptominers. The infection …
Downloadable IOCs 62
Mining Gang's New Tool: k4spreader
QIanxin describes the discovery and analysis of k4spreader, a new malware installer and spreader tool developed by the 8220 mining gang. k4spreader is written in cgo and implements system persistence, self-updating, and releasing other malware like the Tsunami botnet and PwnRig miner. The tool is s…
Downloadable IOCs 35
Hadooken and K4Spreader: The 8220 Gang's Latest Arsenal
This analysis uncovers a significant infection chain targeting Windows and Linux systems through Oracle WebLogic vulnerabilities. The attackers, likely the 8220 Gang, exploit CVE-2017-10271 and CVE-2020-14883 to deploy malware including K4Spreader, Tsunami backdoor, and cryptominers. The infection …
Downloadable IOCs 62
Mining Gang's New Tool: k4spreader
QIanxin describes the discovery and analysis of k4spreader, a new malware installer and spreader tool developed by the 8220 mining gang. k4spreader is written in cgo and implements system persistence, self-updating, and releasing other malware like the Tsunami botnet and PwnRig miner. The tool is s…
Downloadable IOCs 35