chg: [backdoor] Adds BOLDMOVE

Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
This commit is contained in:
Jürgen Löhel 2023-01-30 16:39:11 -06:00
parent 150e3152cc
commit 33513241bd
No known key found for this signature in database
GPG key ID: 54E44C4D345DD098

View file

@ -193,7 +193,19 @@
},
"uuid": "0c3b1aa5-3a33-493e-9126-28ebced4ed09",
"value": "BPFDoor"
},
{
"description": "According to Mandiant, this malware family is attributed to potential chinese background and its Linux variant is related to exploitation of Fortinet's SSL-VPN (CVE-2022-42475).",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.boldmove",
"https://malpedia.caad.fkie.fraunhofer.de/details/elf.boldmove",
"https://www.mandiant.com/resources/blog/chinese-actors-exploit-fortios-flaw"
]
},
"uuid": "2cef78bd-f097-4477-8888-79359042b515",
"value": "BOLDMOVE"
}
],
"version": 13
"version": 14
}