SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.fritzfrog (Back to overview)

FritzFrog

Guardicore has discovered FritzFrog, a sophisticated peer-to-peer (P2P) botnet which has been actively breaching SSH servers since January 2020. It is a worm which is written in Golang, and is modular, multi-threaded and fileless, leaving no trace on the infected machine’s disk.

References
2022-11-03360 netlabLiu Ya, RootKiter
@online{ya:20221103:p2p:29795c2, author = {Liu Ya and RootKiter}, title = {{P2P Botnets: Review - Status - Continuous Monitoring}}, date = {2022-11-03}, organization = {360 netlab}, url = {https://blog.netlab.360.com/p2p-botnets-review-status-continuous-monitoring/}, language = {English}, urldate = {2023-05-23} } P2P Botnets: Review - Status - Continuous Monitoring
FritzFrog Hajime Mozi Pink
2022-02-14SecurityWeekEduard Kovacs
@online{kovacs:20220214:sophisticated:6c68472, author = {Eduard Kovacs}, title = {{Sophisticated FritzFrog P2P Botnet Returns After Long Break}}, date = {2022-02-14}, organization = {SecurityWeek}, url = {https://www.securityweek.com/sophisticated-fritzfrog-p2p-botnet-returns-after-long-break}, language = {English}, urldate = {2022-02-16} } Sophisticated FritzFrog P2P Botnet Returns After Long Break
FritzFrog
2022-02-10AkamaiBen Barnea, Shiran Guez, Ophir Harpaz
@online{barnea:20220210:fritzfrog:630a9b9, author = {Ben Barnea and Shiran Guez and Ophir Harpaz}, title = {{FritzFrog: P2P Botnet Hops Back on the Scene}}, date = {2022-02-10}, organization = {Akamai}, url = {https://www.akamai.com/blog/security/fritzfrog-p2p}, language = {English}, urldate = {2022-02-14} } FritzFrog: P2P Botnet Hops Back on the Scene
FritzFrog
2021-03-21BlackberryBlackberry Research
@techreport{research:20210321:2021:a393473, author = {Blackberry Research}, title = {{2021 Threat Report}}, date = {2021-03-21}, institution = {Blackberry}, url = {https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-2021-threat-report.pdf}, language = {English}, urldate = {2021-03-25} } 2021 Threat Report
Bashlite FritzFrog IPStorm Mirai Tsunami elf.wellmess AppleJeus Dacls EvilQuest Manuscrypt Astaroth BazarBackdoor Cerber Cobalt Strike Emotet FinFisher RAT Kwampirs MimiKatz NjRAT Ryuk SmokeLoader TrickBot
2020-12-21IntezerIntezer
@online{intezer:20201221:top:9529707, author = {Intezer}, title = {{Top Linux Cloud Threats of 2020}}, date = {2020-12-21}, organization = {Intezer}, url = {https://www.intezer.com/blog/cloud-security/top-linux-cloud-threats-of-2020/}, language = {English}, urldate = {2020-12-26} } Top Linux Cloud Threats of 2020
AgeLocker AnchorDNS Blackrota Cloud Snooper Dacls Doki FritzFrog IPStorm Kaiji Kinsing NOTROBIN Penquin Turla PLEAD Prometei RansomEXX Stantinko TeamTNT TSCookie WellMail elf.wellmess TeamTNT
2020-08-19GuardicoreOphir Harpaz
@online{harpaz:20200819:fritzfrog:c2548e5, author = {Ophir Harpaz}, title = {{FritzFrog: A New Generation Of Peer-To-Peer Botnets}}, date = {2020-08-19}, organization = {Guardicore}, url = {https://www.guardicore.com/2020/08/fritzfrog-p2p-botnet-infects-ssh-servers/}, language = {English}, urldate = {2020-08-19} } FritzFrog: A New Generation Of Peer-To-Peer Botnets
FritzFrog

There is no Yara-Signature yet.