HinataBot (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

elf.hinata_bot (Back to overview)

HinataBot

HinataBot is a Go-based DDoS-focused botnet. It was observed in the first quarter of 2023 targeting HTTP and SSH endpoints leveraging old vulnerabilities and weak credentials. Amongst those infection vectors are exploitation of the miniigd SOAP service on Realtek SDK devices (CVE-2014-8361), Huawei HG532 routers (CVE-2017-17215), and exposed Hadoop YARN servers.

References

2023-03-16 ⋅ Akamai ⋅ Allen West, Chad Seaman, Larry Cashdollar
Uncovering HinataBot: A Deep Dive into a Go-Based Threat
HinataBot

There is no Yara-Signature yet.

HinataBot Propose Change

References

HinataBot