mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
add StealthWorker malware
This commit is contained in:
parent
ee034babba
commit
2815e48610
1 changed files with 10 additions and 0 deletions
|
@ -7552,6 +7552,16 @@
|
||||||
},
|
},
|
||||||
"uuid": "78ed653d-2d76-4a99-849e-1509e4573c32",
|
"uuid": "78ed653d-2d76-4a99-849e-1509e4573c32",
|
||||||
"value": "BabyShark"
|
"value": "BabyShark"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Hackers are running a new campaign which drops the StealthWorker brute-force malware on Windows and Linux machines that end up being used to brute force other computers in a series of distributed brute force attacks.\nAs unearthed by FortiGuard Labs' Rommel Joven, the StealthWorker Golang-based brute forcer (also known as GoBrut) discovered by Malwarebytes at the end of February is actively being used to target and compromise multiple platforms.\nStealthWorker was previously connected to a number of compromised Magento-powered e-commerce websites on which attackers infiltrated skimmers designed to exfiltrate both payment and personal information.\nAs later discovered, the malware is capable of exploiting a number of vulnerabilities in to infiltrate Magento, phpMyAdmin, and cPanel Content Management Systems (CMSs), as well as brute force its way in if everything else fails.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.bleepingcomputer.com/news/security/stealthworker-malware-uses-windows-linux-bots-to-hack-websites/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "f0fc5ab9-4973-42b3-a2f6-25ff551b5566",
|
||||||
|
"value": "StealthWorker"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 111
|
"version": 111
|
||||||
|
|
Loading…
Reference in a new issue