From f51f13e84bbea7bcc2e4fea60e5f56cb23499ce3 Mon Sep 17 00:00:00 2001
From: Deborah Servili
Date: Thu, 2 May 2019 10:15:26 +0200
Subject: [PATCH] add AESDDoS Botnet
---
 clusters/botnet.json | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/clusters/botnet.json b/clusters/botnet.json
index a57b2bf..545602e 100644
--- a/clusters/botnet.json
+++ b/clusters/botnet.json
@@ -1147,7 +1147,17 @@
 },
 "uuid": "f387e30a-dc48-11e8-b9f4-370bc63008bf",
 "value": "Chalubo"
+ },
+ {
+ "description": "Our honeypot sensors recently detected an AESDDoS botnet malware variant (detected by Trend Micro as Backdoor.Linux.AESDDOS.J) exploiting a server-side template injection vulnerability (CVE-2019-3396) in the Widget Connector macro in Atlassian Confluence Server, a collaboration software program used by DevOps professionals.",
+ "meta": {
+ "refs": [
+ "https://blog.trendmicro.com/trendlabs-security-intelligence/aesddos-botnet-malware-exploits-cve-2019-3396-to-perform-remote-code-execution-ddos-attacks-and-cryptocurrency-mining/"
+ ]
+ },
+ "uuid": "809d100b-d46d-40f4-b498-5371f46bb9d6",
+ "value": "AESDDoS"
 }
 ],
- "version": 19
+ "version": 20
 }
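Review bot: The added `description` is the vendor blog's opening sentence kept in the first person ("Our honeypot sensors recently detected…"), so inside the cluster it reads as if the galaxy maintainers ran the honeypots, and "recently" has no date to anchor it. Attribute the observation and state what the family does, for example `"description": "Linux botnet malware (detected by Trend Micro as Backdoor.Linux.AESDDOS.J) reported by Trend Micro in 2019 exploiting the server-side template injection vulnerability CVE-2019-3396 in the Widget Connector macro of Atlassian Confluence Server."`. The reference URL also names remote code execution, DDoS and cryptocurrency mining, which the description omits. If the linked post confirms those capabilities, adding them would make the entry easier to find when triaging. The enclosing array and the preceding "Chalubo" object begin above the hunk, so consistency with neighbouring entries could not be checked from here.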