add some tools

This commit is contained in:
Deborah Servili 2018-06-13 11:54:50 +02:00
parent cef7d02622
commit 4ac23483b9

View file

@ -4292,6 +4292,26 @@
"https://www.bleepingcomputer.com/news/security/invisimole-is-a-complex-spyware-that-can-take-pictures-and-record-audio/"
]
}
},
{
"uuid": "f35f219a-6eed-11e8-980a-93bb96299951",
"value": "Roaming Mantis",
"description": "Roaming Mantis malware is designed for distribution through a simple, but very efficient trick based on a technique known as DNS hijacking. When a user attempts to access any website via a compromised router, they will be redirected to a malicious website. For example, if a user were to navigate to www.securelist.com using a web browser, the browser would be redirected to a rogue server which has nothing to do with the security research blog. As long as the browser displays the original URL, users are likely to believe the website is genuine. The web page from the rogue server displays the popup message: To better experience the browsing, update to the latest chrome version.",
"meta": {
"refs": [
"https://securelist.com/roaming-mantis-uses-dns-hijacking-to-infect-android-smartphones/85178/"
]
}
},
{
"uuid": "7cda6406-6eef-11e8-a2ad-9340096d5711",
"value": "PLEAD Downloader",
"description": "PLEAD is referred to both as a name of malware including TSCookie and its attack campaign. PLEAD has two kinds RAT (Remote Access Tool) and downloader. The RAT operates based on commands that are provided from C&C servers. On the other hand, PLEAD downloader downloads modules and runs it on memory in the same way as TSCookie does.",
"meta": {
"refs": [
"https://blog.jpcert.or.jp/2018/06/plead-downloader-used-by-blacktech.html"
]
}
}
],
"authors": [