背景介绍. 从2019年11月开始,360Netlab未知威胁检测系统Anglerfish蜜罐节点相继监测到某个攻击者使用2个腾达路由器0-day漏洞传播一个基于Mirai代码开发的远程控制木马(RAT)。 常规的Mirai变种基本都是围绕DDoS做文章,而这个变种不同,在DDoS攻击之外,它针对路由器设备实现了Socket5代理,篡改路由器DNS,设置iptables,执行自定义系统命令等多达12个远程控制功能。 此外,在C2通信层面,它使用WSS (WebSocket over TLS) 协议,一方面这样在流量层面可以规避非常成熟的Mirai流量检测,另一方面可以为C2提供安全加密通信。….



Source link

Is your business effected by Cyber Crime?

If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.

Digitpol’s Cyber Crime Investigation Unit provides investigative support to victims of cyber crimes. Digitpol is available 24/7. https://digitpol.com/cybercrime-investigation/

Europe +31558448040
UK +44 20 8089 9944
ASIA +85239733884