SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.hinata_bot (Back to overview)

HinataBot

HinataBot is a Go-based DDoS-focused botnet. It was observed in the first quarter of 2023 targeting HTTP and SSH endpoints leveraging old vulnerabilities and weak credentials. Amongst those infection vectors are exploitation of the miniigd SOAP service on Realtek SDK devices (CVE-2014-8361), Huawei HG532 routers (CVE-2017-17215), and exposed Hadoop YARN servers.

References
2023-03-16AkamaiChad Seaman, Larry Cashdollar, Allen West
@online{seaman:20230316:uncovering:8712a1d, author = {Chad Seaman and Larry Cashdollar and Allen West}, title = {{Uncovering HinataBot: A Deep Dive into a Go-Based Threat}}, date = {2023-03-16}, organization = {Akamai}, url = {https://www.akamai.com/blog/security-research/hinatabot-uncovering-new-golang-ddos-botnet}, language = {English}, urldate = {2023-03-20} } Uncovering HinataBot: A Deep Dive into a Go-Based Threat
HinataBot

There is no Yara-Signature yet.