Issues: timb-machine/linux-malware
[Intel]: https://www.mandiant.com/resources/blog/chinese-actors-exploit-fortios-flaw
missing:tag:T1005
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.002
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1205
missing:tag:T1491
missing:tag:T1562.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
#660
opened May 13, 2023 by timb-machine
[Intel]: https://www.deepinstinct.com/blog/bpfdoor-malware-evolves-stealthy-sniffing-backdoor-ups-its-game
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1562.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#658
opened May 12, 2023 by timb-machine
[Intel]: https://media.defense.gov/2023/May/09/2003218554/-1/-1/1/JOINT_CSA_HUNTING_RU_INTEL_SNAKE_MALWARE_20230509.PDF
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1069
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
new
#657
opened May 12, 2023 by timb-machine
[Intel]: https://www.sentinelone.com/labs/cl0p-ransomware-targets-linux-systems-with-flawed-encryption-decryptor-available/
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1205
missing:tag:T1491
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
#656
opened May 10, 2023 by timb-machine
[Intel]: https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1567
missing:tag:T1573
#655
opened May 7, 2023 by timb-machine
[Intel]: https://asec.ahnlab.com/en/51908/
ignore:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1007
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1098.004
missing:tag:T1222
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1552.004
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
new
#650
opened May 2, 2023 by timb-machine
[Intel]: https://unit42.paloaltonetworks.com/alloy-taurus/
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1069
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
new
#646
opened Apr 27, 2023 by timb-machine
[Intel]: https://www.countercraftsec.com/blog/a-step-by-step-bpfdoor-compromise/
confirmed
ignore:tag:Auditd
ignore:tag:T1005
ignore:tag:T1007
ignore:tag:T1021.002
ignore:tag:T1053.006
ignore:tag:T1057
ignore:tag:T1071.001
ignore:tag:T1083
ignore:tag:T1491
ignore:tag:T1543.002
ignore:tag:T1546.004
ignore:tag:T1562.001
ignore:tag:T1567
missing:tag:T1048
missing:tag:T1574.007
#643
opened Apr 20, 2023 by timb-machine
[Intel]: https://www.welivesecurity.com/wp-content/uploads/2021/10/eset_fontonlake.pdf
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:ProcessTreeSpoofing
missing:tag:ProcessTreeSpoofingForking
missing:tag:T1001
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1021.004
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.002
missing:tag:T1083
missing:tag:T1098.004
missing:tag:T1205
missing:tag:T1518
missing:tag:T1546.004
missing:tag:T1552.003
missing:tag:T1552.004
missing:tag:T1574.006
missing:tag:T1574.007
missing:tag:T1590
new
#641
opened Apr 20, 2023 by timb-machine
[Intel]: https://cujo.com/the-sysrv-botnet-and-how-it-evolved/
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1021.001
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1205
missing:tag:T1491
missing:tag:T1518
missing:tag:T1552.003
missing:tag:T1560
missing:tag:T1562.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#640
opened Apr 20, 2023 by timb-machine
[Intel]: https://www.uptycs.com/blog/cyber_espionage_in_india_decoding_apt_36_new_linux_malware
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1069
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
new
#639
opened Apr 18, 2023 by timb-machine
[Intel]: https://www.bleepingcomputer.com/news/security/lockbit-ransomware-encryptors-found-targeting-mac-devices/
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1552.003
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
#638
opened Apr 17, 2023 by timb-machine
[Intel]: https://blog.sucuri.net/2023/04/balada-injector-synopsis-of-a-massive-ongoing-wordpress-malware-campaign.html
missing:tag:Go
missing:tag:IRC
missing:tag:JavaScript
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1552.003
missing:tag:T1558
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#637
opened Apr 15, 2023 by timb-machine
[Intel]: https://unit42.paloaltonetworks.com/gobruteforcer-golang-botnet/
missing:tag:T1005
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1071.002
missing:tag:T1491
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#636
opened Apr 11, 2023 by timb-machine
[Intel]: https://blog.vibri.us/BeyondTrust-AD-Bridge-Open-Post-Exploitation/
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1040
missing:tag:T1048
missing:tag:T1057
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1222
missing:tag:T1491
missing:tag:T1518
missing:tag:T1548.001
missing:tag:T1567
missing:tag:T1573
new
#635
opened Apr 9, 2023 by timb-machine
[Intel]: https://github.com/sandflysecurity/sandfly-file-decloak
missing:tag:T1005
missing:tag:T1007
missing:tag:T1037.004
missing:tag:T1048
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1059.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
new
#634
opened Apr 9, 2023 by timb-machine
[Intel]: https://github.com/sandflysecurity/sandfly-entropyscan
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
new
#632
opened Apr 9, 2023 by timb-machine