SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.fritzfrog (Back to overview)

FritzFrog


Guardicore has discovered FritzFrog, a sophisticated peer-to-peer (P2P) botnet which has been actively breaching SSH servers since January 2020. It is a worm which is written in Golang, and is modular, multi-threaded and fileless, leaving no trace on the infected machine’s disk.

References
2021-03-21BlackberryBlackberry Research
@techreport{research:20210321:2021:a393473, author = {Blackberry Research}, title = {{2021 Threat Report}}, date = {2021-03-21}, institution = {Blackberry}, url = {https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-2021-threat-report.pdf}, language = {English}, urldate = {2021-03-25} } 2021 Threat Report
Bashlite FritzFrog IPStorm Mirai Tsunami elf.wellmess AppleJeus Dacls EvilQuest Manuscrypt Astaroth BazarBackdoor Cerber Cobalt Strike Emotet FinFisher RAT Kwampirs MimiKatz NjRAT Ryuk SmokeLoader TrickBot
2020-12-21IntezerIntezer
@online{intezer:20201221:top:9529707, author = {Intezer}, title = {{Top Linux Cloud Threats of 2020}}, date = {2020-12-21}, organization = {Intezer}, url = {https://www.intezer.com/blog/cloud-security/top-linux-cloud-threats-of-2020/}, language = {English}, urldate = {2020-12-26} } Top Linux Cloud Threats of 2020
AgeLocker Anchor_DNS Blackrota Cloud Snooper Dacls Doki FritzFrog IPStorm Kaiji Kinsing NOTROBIN Penquin Turla PLEAD Prometei RansomEXX Stantinko TeamTNT TSCookie WellMail elf.wellmess TeamTNT
2020-08-19GuardicoreOphir Harpaz
@online{harpaz:20200819:fritzfrog:c2548e5, author = {Ophir Harpaz}, title = {{FritzFrog: A New Generation Of Peer-To-Peer Botnets}}, date = {2020-08-19}, organization = {Guardicore}, url = {https://www.guardicore.com/2020/08/fritzfrog-p2p-botnet-infects-ssh-servers/}, language = {English}, urldate = {2020-08-19} } FritzFrog: A New Generation Of Peer-To-Peer Botnets
FritzFrog

There is no Yara-Signature yet.