mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-25 16:27:19 +00:00
437d4a30e5
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
{
|
|
"authors": [
|
|
"Kafeine"
|
|
],
|
|
"category": "tool",
|
|
"description": "TDS is a list of Traffic Direction Systems used by adversaries",
|
|
"name": "TDS",
|
|
"source": "MISP Project",
|
|
"type": "tds",
|
|
"uuid": "ab5fffaa-c5f6-11e6-9d9d-cec0c932ce01",
|
|
"values": [
|
|
{
|
|
"description": "Keitaro TDS is among the most used TDS in drive-by infection chains",
|
|
"meta": {
|
|
"refs": [
|
|
"https://keitarotds.com/"
|
|
],
|
|
"type": [
|
|
"Commercial"
|
|
]
|
|
},
|
|
"uuid": "94c57fc0-4477-4643-b539-55ba8c455df6",
|
|
"value": "Keitaro"
|
|
},
|
|
{
|
|
"description": "BlackTDS is a mutualised (shared) TDS that has been advertised underground since the end of December 2017",
|
|
"meta": {
|
|
"refs": [
|
|
"https://blacktds[.com/"
|
|
],
|
|
"type": [
|
|
"Underground"
|
|
]
|
|
},
|
|
"uuid": "d5c0cf8d-8ed0-4fa2-a2e6-7274516ea1c8",
|
|
"value": "BlackTDS"
|
|
},
|
|
{
|
|
"description": "ShadowTDS has been advertised underground since 2016-02. It is in fact more of a social engineering kit focused on Android that embeds a TDS",
|
|
"meta": {
|
|
"type": [
|
|
"Underground"
|
|
]
|
|
},
|
|
"uuid": "2680a4b1-84d1-4af0-8126-4429a90f8ef8",
|
|
"value": "ShadowTDS"
|
|
},
|
|
{
|
|
"description": "Sutra TDS was dominant from 2012 till 2015",
|
|
"meta": {
|
|
"refs": [
|
|
"http://kytoon.com/sutra-tds.html"
|
|
],
|
|
"type": [
|
|
"Commercial"
|
|
]
|
|
},
|
|
"uuid": "67f21003-bbc8-4993-b615-f990e539929f",
|
|
"value": "Sutra"
|
|
},
|
|
{
|
|
"description": "SimpleTDS is a basic open source TDS",
|
|
"meta": {
|
|
"refs": [
|
|
"https://sourceforge.net/projects/simpletds/"
|
|
],
|
|
"synonyms": [
|
|
"Stds"
|
|
],
|
|
"type": [
|
|
"OpenSource"
|
|
]
|
|
},
|
|
"uuid": "aa179c37-1a8a-4761-841a-cc940e19d7be",
|
|
"value": "SimpleTDS"
|
|
},
|
|
{
|
|
"description": "zTDS is an open source TDS",
|
|
"meta": {
|
|
"refs": [
|
|
"http://ztds.info/doku.php"
|
|
],
|
|
"type": [
|
|
"OpenSource"
|
|
]
|
|
},
|
|
"uuid": "7a84de25-545a-4220-b500-85b9219dd67d",
|
|
"value": "zTDS"
|
|
},
|
|
{
|
|
"description": "BossTDS",
|
|
"meta": {
|
|
"refs": [
|
|
"http://bosstds.com/"
|
|
],
|
|
"type": [
|
|
"Commercial"
|
|
]
|
|
},
|
|
"uuid": "5a483b4b-671a-4113-9b99-a115d2d2d644",
|
|
"value": "BossTDS"
|
|
},
|
|
{
|
|
"description": "BlackHat TDS is sold underground.",
|
|
"meta": {
|
|
"refs": [
|
|
"http://malware.dontneedcoffee.com/2014/04/meet-blackhat-tds.html"
|
|
],
|
|
"type": [
|
|
"Underground"
|
|
]
|
|
},
|
|
"uuid": "36aa3b2d-4927-45e5-be08-f30144fd1909",
|
|
"value": "BlackHat TDS"
|
|
},
|
|
{
|
|
"description": "Futuristic TDS is the TDS component of BlackOS/CookieBomb/NorthTale Iframer",
|
|
"meta": {
|
|
"type": [
|
|
"Underground"
|
|
]
|
|
},
|
|
"uuid": "19d8eab9-72d5-4f22-affb-c0d6aed66346",
|
|
"value": "Futuristic TDS"
|
|
},
|
|
{
|
|
"description": "Orchid TDS was sold underground. Rarely used.",
|
|
"meta": {
|
|
"type": [
|
|
"Underground"
|
|
]
|
|
},
|
|
"uuid": "ec0048f2-a7b2-4a71-83de-6e8fe4fef252",
|
|
"value": "Orchid TDS"
|
|
},
|
|
{
|
|
"description": "Proofpoint has tracked the 404 TDS since at least September 2022. Proofpoint is not aware if this is a service sold on underground forums, but it is likely a shared or sold tool due to its involvement in a variety of phishing and malware campaigns.",
|
|
"meta": {
|
|
"refs": [
|
|
"https://www.proofpoint.com/us/blog/threat-insight/screentime-sometimes-it-feels-like-somebodys-watching-me"
|
|
],
|
|
"type": [
|
|
"Underground"
|
|
]
|
|
},
|
|
"uuid": "7b956ff0-9021-499c-82a4-24b958cb32d9",
|
|
"value": "404 TDS"
|
|
}
|
|
],
|
|
"version": 5
|
|
}
|