timb-machine/linux-malware issues and pull requests

#88 - [Intel]: https://pastebin.com/iKyaqLTd

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1053.003, missing:tag:Non-persistentStorage, missing:tag:T1007, missing:tag:T1053.006, missing:tag:T1543.002, missing:tag:RedirectionToNull, missing:tag:T1205, missing:tag:T1518, missing:tag:JavaScript, missing:tag:T1574.007, missing:tag:T1037, missing:tag:T1037.004

#87 - [Intel]: https://imgur.com/a/a6RaZMP

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#86 - [Intel]: https://imgur.com/a/y5BRx

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#85 - [Intel]: https://imgur.com/a/LpTN7

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#83 - [Intel]: https://imgur.com/a/qI5Fvm4

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#81 - [Intel]: https://imgur.com/a/MuHSZtC

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#80 - [Intel]: https://imgur.com/a/57uOiTu

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#79 - [Intel]: https://imgur.com/a/4YxuSfV

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#78 - [Intel]: https://imgur.com/a/lAQ1tMQ

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#77 - [Intel]: https://imgur.com/a/SSKmu

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#76 - [Intel]: https://imgur.com/a/eBF7Mqe

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#75 - [Intel]: https://imgur.com/a/vS7xV

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#74 - [Intel]: https://imgur.com/a/5vPEc

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#73 - [Intel]: https://imgur.com/a/N3BgY

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#72 - [Intel]: https://old.reddit.com/r/LinuxMalware/comments/a66dsz/ddostf_still_lurking_arm_boxes/

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1059.006

#71 - [Intel]: https://old.reddit.com/r/LinuxMalware/comments/7qd27e/linuxss_aka_shark_hacktool_syn_scanner_wpcap/

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1059.006

#70 - [Intel]: https://imgur.com/a/8mFGk

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#69 - [Intel]: https://twitter.com/billyleonard/status/1417910729005490177

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573

#68 - [Intel]: https://www.welivesecurity.com/2015/04/29/unboxing-linuxmumblehard-muttering-spam-servers/

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1027.002, missing:tag:T1053.003, missing:tag:Non-persistentStorage, missing:tag:T1046

#67 - [Intel]: https://media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF

Issue - State: open - Opened by timb-machine almost 3 years ago - 1 comment
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1021.001

#66 - [Intel]: https://twitter.com/timb_machine/status/1450595881732947968

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573

#65 - [Intel]: https://yoroi.company/research/shadows-from-the-past-threaten-italian-enterprises/

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1053.003, missing:tag:T1560, missing:tag:T1059.006, missing:tag:T1003.008, missing:tag:T1078.003, missing:tag:RedirectionToNull, missing:tag:T1205

#63 - [Intel]: https://cloud.google.com/blog/topics/threat-intelligence/live-off-the-land-an-overview-of-unc1945/

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:Non-persistentStorage, missing:tag:T1070.006, missing:tag:T1556.003, missing:tag:RedirectionToNull, missing:tag:T1070.002, missing:tag:T1021.004

#61 - [Intel]: https://imgur.com/a/53f29O9

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#60 - [Intel]: https://imgur.com/a/qqgfFXf

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics

#59 - [Intel]: https://blog.malwaremustdie.org/2020/02/mmd-0065-2021-linuxmirai-fbot-re.html

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1059.006, missing:tag:T1574.006, missing:tag:T1003.008, missing:tag:T1205, missing:tag:IRC

#58 - [Intel]: https://blog.malwaremustdie.org/2020/01/mmd-0065-2020-linuxmirai-fbot.html

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1574.006, missing:tag:T1003.008, missing:tag:T1071.002, missing:tag:IRC

#57 - [Intel]: https://blog.malwaremustdie.org/2016/08/mmd-0056-2016-linuxmirai-just.html

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1574.006, missing:tag:T1003.008, missing:tag:RedirectionToNull, missing:tag:T1205, missing:tag:ProcessTreeSpoofing, missing:tag:T1046, missing:tag:ProcessTreeSpoofingForking, missing:tag:IRC

#56 - [Intel]: https://www.microsoft.com/security/blog/2021/07/22/when-coin-miners-evolve-part-1-exposing-lemonduck-and-lemoncat-modern-mining-malware-infrastructure/

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:JavaScript, missing:tag:T1069

#55 - [Intel]: https://www.trendmicro.com/en_gb/research/19/f/cryptocurrency-mining-botnet-arrives-through-adb-and-spreads-through-ssh.html

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:Non-persistentStorage, missing:tag:T1222, missing:tag:T1548.001, missing:tag:wltm

#54 - [Intel]: https://blog.talosintelligence.com/2018/06/vpnfilter-update.html

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:Non-persistentStorage, missing:tag:JavaScript, missing:tag:T1215, missing:tag:T1562.004, missing:tag:wltm

#53 - [Intel]: https://blog.talosintelligence.com/2018/05/VPNFilter.html

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1053.003, missing:tag:Non-persistentStorage, missing:tag:wltm

#52 - [Intel]: https://blog.netlab.360.com/an-analysis-of-godlua-backdoor-en/

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1027.002, missing:tag:T1560

#51 - [Intel]: https://twitter.com/_larry0/status/1143532888538984448

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1562.004

#50 - [Intel]: https://www.cadosecurity.com/post/team-tnt-the-first-crypto-mining-worm-to-steal-aws-credentials

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1070.006, missing:tag:T1053.007, missing:tag:T1098.004, missing:tag:T1609, missing:tag:T1610, missing:tag:RedirectionToNull, missing:tag:T1037, missing:tag:T1001, missing:tag:T1552.004, missing:tag:T1037.004

#49 - [Intel]: https://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1027.002, missing:tag:T1518, missing:tag:T1021.001, missing:tag:T1071.002, missing:tag:wltm, missing:tag:IRC

#48 - [Intel]: https://portswigger.net/daily-swig/backdoor-planted-in-php-git-repository-after-server-hack

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:JavaScript

#47 - [Intel]: https://arstechnica.com/information-technology/2012/09/questions-abound-as-malicious-phpmyadmin-backdoor-found-on-sourceforge-site/

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590

#47 - [Intel]: https://arstechnica.com/information-technology/2012/09/questions-abound-as-malicious-phpmyadmin-backdoor-found-on-sourceforge-site/

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590

#46 - [Intel]: https://dev.horde.org/h/jonah/stories/view.php?channel_id=1&id=155

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1027.002, missing:tag:T1059.006

#46 - [Intel]: https://dev.horde.org/h/jonah/stories/view.php?channel_id=1&id=155

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1027.002, missing:tag:T1059.006

#45 - [Intel]: https://www.rapid7.com/db/modules/exploit/unix/irc/unreal_ircd_3281_backdoor/

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1070.006

#45 - [Intel]: https://www.rapid7.com/db/modules/exploit/unix/irc/unreal_ircd_3281_backdoor/

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1070.006

#44 - [Intel]: https://www.aldeid.com/wiki/Exploits/proftpd-1.3.3c-backdoor

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1027.002, missing:tag:RedirectionToNull, missing:tag:T1205, missing:tag:JavaScript, missing:tag:T1027.004, missing:tag:T1071.002

#44 - [Intel]: https://www.aldeid.com/wiki/Exploits/proftpd-1.3.3c-backdoor

Issue - State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1027.002, missing:tag:RedirectionToNull, missing:tag:T1205, missing:tag:JavaScript, missing:tag:T1027.004, missing:tag:T1071.002

GitHub / timb-machine/linux-malware issues and pull requests