SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.abcbot (Back to overview)

Abcbot


Abcbot is a modular Go-based botnet and malware that propagates via exploits and brute force attempts. The botnet was observed launching DDoS attacks, perform internet scans, and serve web pages. It is probably linked to Xanthe-based clipjacking campaign.

References
2022-01-10Cado SecurityMatt Muir
@online{muir:20220110:abcbot:ace96ad, author = {Matt Muir}, title = {{Abcbot - An Evolution of Xanthe}}, date = {2022-01-10}, organization = {Cado Security}, url = {https://www.cadosecurity.com/abcbot-an-evolution-of-xanthe/}, language = {English}, urldate = {2022-01-17} } Abcbot - An Evolution of Xanthe
Abcbot Xanthe
2021-12-21Cado SecurityMatt Muir
@online{muir:20211221:continued:61d7698, author = {Matt Muir}, title = {{The Continued Evolution of Abcbot}}, date = {2021-12-21}, organization = {Cado Security}, url = {https://www.cadosecurity.com/the-continued-evolution-of-abcbot/}, language = {English}, urldate = {2022-01-05} } The Continued Evolution of Abcbot
Abcbot
2021-12-02laceworkLacework Labs
@online{labs:20211202:abc:84ea824, author = {Lacework Labs}, title = {{ABC Botnet Attacks on the Rise}}, date = {2021-12-02}, organization = {lacework}, url = {https://www.lacework.com/blog/abc-botnet-attacks-on-the-rise/}, language = {English}, urldate = {2021-12-06} } ABC Botnet Attacks on the Rise
Abcbot
2021-11-09360 netlabAlex.Turing, Hui Wang
@online{alexturing:20211109:abcbot:8e1eee4, author = {Alex.Turing and Hui Wang}, title = {{Abcbot, an evolving botnet}}, date = {2021-11-09}, organization = {360 netlab}, url = {https://blog.netlab.360.com/abcbot_an_evolving_botnet_en/}, language = {English}, urldate = {2021-11-17} } Abcbot, an evolving botnet
Abcbot

There is no Yara-Signature yet.