SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.enemybot (Back to overview)

EnemyBot


According to the Infosec Institute, EnemyBot is a dangerous IoT botnet that has made headlines in the last few weeks. This threat, which seems to be disseminated by the Keksec group, expanded its features by adding recent vulnerabilities discovered in 2022. It was designed to attack web servers, Android devices and content management systems (CMS) servers.

References
2022-09-06AT&TOfer Caspi
@online{caspi:20220906:shikitega:bee20db, author = {Ofer Caspi}, title = {{Shikitega - New stealthy malware targeting Linux}}, date = {2022-09-06}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/shikitega-new-stealthy-malware-targeting-linux}, language = {English}, urldate = {2023-01-19} } Shikitega - New stealthy malware targeting Linux
BotenaGo EnemyBot Meterpreter Monero Miner
2022-05-26AT&T CybersecurityOfer Caspi
@online{caspi:20220526:rapidly:cbc0d84, author = {Ofer Caspi}, title = {{Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices}}, date = {2022-05-26}, organization = {AT&T Cybersecurity}, url = {https://cybersecurity.att.com/blogs/labs-research/rapidly-evolving-iot-malware-enemybot-now-targeting-content-management-system-servers}, language = {English}, urldate = {2022-05-31} } Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices
EnemyBot
2022-04-12FortinetJoie Salvio, Roy Tay
@online{salvio:20220412:enemybot:a538c47, author = {Joie Salvio and Roy Tay}, title = {{Enemybot: A Look into Keksec's Latest DDoS Botnet}}, date = {2022-04-12}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/enemybot-a-look-into-keksecs-latest-ddos-botnet}, language = {English}, urldate = {2022-04-29} } Enemybot: A Look into Keksec's Latest DDoS Botnet
EnemyBot
2022-03-15SecuronixT. Peck, Oleg Kolesnikov, Den Iyzvyk, Tim Peck
@online{peck:20220315:detecting:b507962, author = {T. Peck and Oleg Kolesnikov and Den Iyzvyk and Tim Peck}, title = {{Detecting EnemyBot – Securonix Initial Coverage Advisory}}, date = {2022-03-15}, organization = {Securonix}, url = {https://www.securonix.com/blog/detecting-the-enemybot-botnet-advisory/}, language = {English}, urldate = {2023-01-31} } Detecting EnemyBot – Securonix Initial Coverage Advisory
EnemyBot
2022-03SecuronixSecuronix Threat Labs
@online{labs:202203:detecting:6136462, author = {Securonix Threat Labs}, title = {{Detecting the EnemyBot Botnet – Securonix Initial Coverage Advisory}}, date = {2022-03}, organization = {Securonix}, url = {https://www.securonix.com/blog/detecting-the-enemybot-botnet-advisory}, language = {English}, urldate = {2022-04-07} } Detecting the EnemyBot Botnet – Securonix Initial Coverage Advisory
EnemyBot

There is no Yara-Signature yet.