add: Matsuta IoT botnet added

2024-11-26 16:57:18 +00:00 · 2018-01-25 15:39:44 +01:00 · 2018-01-25 15:39:44 +01:00 · 5070314aae
commit 5070314aae
parent a3390e7f5e
1 changed files with 10 additions and 1 deletions
--- a/clusters/tool.json
+++ b/clusters/tool.json
@ -10,7 +10,7 @@
  ],
  "description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
  "uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
-  "version": 49,
+  "version": 50,
  "values": [
    {
      "meta": {
@ -1484,6 +1484,15 @@
      "description": "Mirai (Japanese for \"the future\") is malware that turns computer systems running Linux into remotely controlled \"bots\", that can be used as part of a botnet in large-scale network attacks. It primarily targets online consumer devices such as remote cameras and home routers. The Mirai botnet has been used in some of the largest and most disruptive distributed denial of service (DDoS) attacks, including an attack on 20 September 2016 on computer security journalist Brian Krebs's web site, an attack on French web host OVH and the October 2016 Dyn cyberattack.",
      "value": "Mirai"
    },
+    {
+      "value": "Matsuta",
+      "description": "IoT malware based on Mirai but slightly improved.",
+      "metat": {
+        "refs": [
+          "https://blog.newskysecurity.com/masuta-satori-creators-second-botnet-weaponizes-a-new-router-exploit-2ddc51cc52a7"
+        ]
+      }
+    },
    {
      "value": "BASHLITE"
    },