| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Asnarök is a threat actor that exploited CVE-2020-12271 and utilized command injection privilege escalation to gain root access to devices and install the Asnarök Trojan and demonstrated significant changes in TTPs, including the deployment of a web shell that did not reach out to external C2 for commands. X-Ops identified a patient-zero device linked to the attack and observed the use of an IC.sh script that stole local user account data. The actor's activities were linked to a broader pattern of malicious exploit research and targeted vulnerabilities disclosed by bug bounty researchers.
There are currently no families associated with this actor.
| 2024-10-31
⋅
Sophos X-Ops
⋅
Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns Asnarök Tstark |
| 2024-10-31
⋅
Sophos X-Ops
⋅
Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats Asnarök |