SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.dark (Back to overview)

Dark

aka: Dark.IoT

Mirai variant exploiting CVE-2021-20090 and CVE2021-35395 for spreading.

References
2022-06-07Lacework LabsChris Hall
@online{hall:20220607:kinsing:8e96c1f, author = {Chris Hall}, title = {{Kinsing & Dark.IoT botnet among threats targeting CVE-2022-26134}}, date = {2022-06-07}, organization = {Lacework Labs}, url = {https://www.lacework.com/blog/kinsing-dark-iot-botnet-among-threats-targeting-cve-2022-26134/}, language = {English}, urldate = {2022-06-15} } Kinsing & Dark.IoT botnet among threats targeting CVE-2022-26134
Dark Kinsing
2021-09-22RadwareRadware
@online{radware:20210922:darkiot:8f85b59, author = {Radware}, title = {{Dark.IoT, OMIGOD & UDP Technology Update (CVE-2021-38647 & CVE-2021-33544)}}, date = {2021-09-22}, organization = {Radware}, url = {https://www.radware.com/getmedia/d312a5fa-2d8d-4c1e-b31e-73046f24bf35/Alert-Dark-OMIGOD.aspx}, language = {English}, urldate = {2021-09-24} } Dark.IoT, OMIGOD & UDP Technology Update (CVE-2021-38647 & CVE-2021-33544)
Dark
2021-09-20Twitter (@ESETresearch)ESET Research
@online{research:20210920:darkiot:0693e33, author = {ESET Research}, title = {{Tweet on Dark.IoT Botnet exploiting critical Azure vulnerability CVE-2021-38647 #OMIGOD}}, date = {2021-09-20}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1440052837820428298?s=20}, language = {English}, urldate = {2021-09-22} } Tweet on Dark.IoT Botnet exploiting critical Azure vulnerability CVE-2021-38647 #OMIGOD
Dark
2021-09-02JuniperAsher Langton, Alex Burt
@online{langton:20210902:attacks:f9b9494, author = {Asher Langton and Alex Burt}, title = {{Attacks Continue Against Realtek Vulnerabilities}}, date = {2021-09-02}, organization = {Juniper}, url = {https://blogs.juniper.net/en-us/threat-research/attacks-continue-against-realtek-vulnerabilities}, language = {English}, urldate = {2021-09-06} } Attacks Continue Against Realtek Vulnerabilities
Dark
2021-08-24RadwareRadware
@online{radware:20210824:darkiot:f2a414e, author = {Radware}, title = {{Dark.IoT Botnet Realtek AP-Router SDK Vulnerability CVE-2021-35395}}, date = {2021-08-24}, organization = {Radware}, url = {https://www.radware.com/getmedia/18d24c2d-c092-4a61-9ad6-ebb92b7a49b8/Alert_Realtek_SDK.aspx}, language = {English}, urldate = {2021-08-30} } Dark.IoT Botnet Realtek AP-Router SDK Vulnerability CVE-2021-35395
Dark Mirai

There is no Yara-Signature yet.