Symbol: elf.tsunami

Tsunami

aka: Muhstik, Radiation, Amnesia
URLhaus          

There is no description at this point.

References
2023-06-20 | AhnLab | ASEC
% Vendor blog post stored as a biblatex online entry; urldate records when the page was retrieved.
@online{asec:20230620:tsunami:bbf63b6,
  author       = {ASEC},
  title        = {{Tsunami DDoS Malware Distributed to Linux SSH Servers}},
  organization = {AhnLab},
  date         = {2023-06-20},
  url          = {https://asec.ahnlab.com/en/54647/},
  urldate      = {2023-08-07},
  language     = {English},
}
Tsunami DDoS Malware Distributed to Linux SSH Servers
PerlBot Tsunami
2022-09-15 | Aquasec | Assaf Morag, Asaf Eitani
% Two personal authors joined with " and "; the title attributes the activity to TeamTNT.
@online{morag:20220915:threat:b35ec09,
  author       = {Assaf Morag and Asaf Eitani},
  title        = {{Threat Alert: New Malware in the Cloud By TeamTNT}},
  organization = {Aquasec},
  date         = {2022-09-15},
  url          = {https://blog.aquasec.com/new-malware-in-the-cloud-by-teamtnt},
  urldate      = {2022-09-19},
  language     = {English},
}
Threat Alert: New Malware in the Cloud By TeamTNT
Tsunami
2022-07-07 | Aqua | Nitzan Yaakov
% The URL slug names CVE-2022-26134 (Confluence); the title itself does not carry the CVE id.
@online{yaakov:20220707:8220:7a95f64,
  author       = {Nitzan Yaakov},
  title        = {{8220 Gang Deploys a New Campaign with Upgraded Techniques}},
  organization = {Aqua},
  date         = {2022-07-07},
  url          = {https://blog.aquasec.com/8220-gang-confluence-vulnerability-cve-2022-26134},
  urldate      = {2022-07-12},
  language     = {English},
}
8220 Gang Deploys a New Campaign with Upgraded Techniques
Tsunami
2022-04-19 | 360 | 360 Netlab
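% Corporate author: the inner braces keep "360 Netlab" as one name instead of First="360", Last="Netlab".
% The citation key is left unchanged so existing citations still resolve.
@online{netlab:20220419:public:0ce406b,
  author       = {{360 Netlab}},
  title        = {{Public Cloud Cybersecurity Threat Intelligence (202203)}},
  organization = {360},
  date         = {2022-04-19},
  url          = {https://blog.netlab.360.com/public-cloud-threat-intelligence-202203/},
  urldate      = {2022-04-25},
  language     = {English},
}
Public Cloud Cybersecurity Threat Intelligence (202203)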
Bashlite Tsunami Mirai
2022-03-24 | Juniper | Paul Kimayong
% Filed under the Muhstik alias of this family; the title names Redis servers as the target.
@online{kimayong:20220324:muhstik:b70f2b9,
  author       = {Paul Kimayong},
  title        = {{Muhstik Gang targets Redis Servers}},
  organization = {Juniper},
  date         = {2022-03-24},
  url          = {https://blogs.juniper.net/en-us/security/muhstik-gang-targets-redis-servers},
  urldate      = {2022-03-28},
  language     = {English},
}
Muhstik Gang targets Redis Servers
Tsunami
2022-03-02 | Bleeping Computer | Bill Toulas
% News article rather than primary research; the title casing is kept exactly as published.
@online{toulas:20220302:log4shell:fa4dfeb,
  author       = {Bill Toulas},
  title        = {{Log4shell exploits now used mostly for DDoS botnets, cryptominers}},
  organization = {Bleeping Computer},
  date         = {2022-03-02},
  url          = {https://www.bleepingcomputer.com/news/security/log4shell-exploits-now-used-mostly-for-ddos-botnets-cryptominers/},
  urldate      = {2022-03-07},
  language     = {English},
}
Log4shell exploits now used mostly for DDoS botnets, cryptominers
Kinsing Tsunami BillGates
2021-12-23 | Symantec | Siddhesh Chandrayan
% urldate (2022-01-25) is about a month after the publication date; the post may have changed in between.
@online{chandrayan:20211223:log4j:58ea562,
  author       = {Siddhesh Chandrayan},
  title        = {{Log4j Vulnerabilities: Attack Insights}},
  organization = {Symantec},
  date         = {2021-12-23},
  url          = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/log4j-vulnerabilities-attacks},
  urldate      = {2022-01-25},
  language     = {English},
}
Log4j Vulnerabilities: Attack Insights
Tsunami Conti Dridex Khonsari Orcus RAT TellYouThePass
2021-12-14 | Medium s2wlab | S2W TALON
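% Team author: the inner braces keep "S2W TALON" as one name instead of First="S2W", Last="TALON".
% The citation key is left unchanged so existing citations still resolve.
@online{talon:20211214:logs:198ffe4,
  author       = {{S2W TALON}},
  title        = {{Logs of Log4shell (CVE-2021-44228): log4j is ubiquitous}},
  organization = {Medium s2wlab},
  date         = {2021-12-14},
  url          = {https://medium.com/s2wblog/logs-of-log4shell-cve-2021-44228-log4j-is-ubiquitous-en-809064312039},
  urldate      = {2022-01-05},
  language     = {English},
}
Logs of Log4shell (CVE-2021-44228): log4j is ubiquitous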
Kinsing Mirai Tsunami
2021-12-13 | Cado Security | Cado Security
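% Corporate author: the inner braces keep "Cado Security" as one name instead of First="Cado", Last="Security".
% The citation key is left unchanged so existing citations still resolve.
@online{security:20211213:analysis:6199122,
  author       = {{Cado Security}},
  title        = {{Analysis of Initial In The Wild Attacks Exploiting Log4Shell/Log4J/CVE-2021-44228}},
  organization = {Cado Security},
  date         = {2021-12-13},
  url          = {https://www.cadosecurity.com/analysis-of-initial-in-the-wild-attacks-exploiting-log4shell-log4j-cve-2021-44228/},
  urldate      = {2022-01-18},
  language     = {English},
}
Analysis of Initial In The Wild Attacks Exploiting Log4Shell/Log4J/CVE-2021-44228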
Kinsing Mirai Tsunami
2021-11-16 | sysdig | Stefano Chierici
% Filed under the Muhstik alias; the title describes crypto-mining attacks against Kubernetes.
@online{chierici:20211116:handson:38838d6,
  author       = {Stefano Chierici},
  title        = {{Hands-On Muhstik Botnet: crypto-mining attacks targeting Kubernetes}},
  organization = {sysdig},
  date         = {2021-11-16},
  url          = {https://sysdig.com/blog/muhstik-malware-botnet-analysis/},
  urldate      = {2021-11-25},
  language     = {English},
}
Hands-On Muhstik Botnet: crypto-mining attacks targeting Kubernetes
Tsunami
2021-10-22 | Fortinet | Cara Lin
% The title does not name the Confluence CVE; take the identifier from the article, not from this record.
@online{lin:20211022:recent:248c7d4,
  author       = {Cara Lin},
  title        = {{Recent Attack Uses Vulnerability on Confluence Server}},
  organization = {Fortinet},
  date         = {2021-10-22},
  url          = {https://www.fortinet.com/blog/threat-research/recent-attack-uses-vulnerability-on-confluence-server},
  urldate      = {2021-10-26},
  language     = {English},
}
Recent Attack Uses Vulnerability on Confluence Server
Tsunami BillGates
2021-09-20 | IBM | IBM SECURITY X-FORCE
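% Corporate author: the inner braces keep "IBM SECURITY X-FORCE" as one name rather than splitting it into given and family parts.
% NOTE(review): the URL keeps its social_post/linkId query parameters as captured; they look like
% campaign-tracking parameters rather than part of the document id. Confirm before trimming.
@online{xforce:20210920:2021:41cf9ce,
  author       = {{IBM SECURITY X-FORCE}},
  title        = {{2021 IBM SecurityX-Force Cloud Threat Landscape Report}},
  organization = {IBM},
  date         = {2021-09-20},
  url          = {https://www.ibm.com/downloads/cas/WMDZOWK6?social_post=5483919673&linkId=131648775},
  urldate      = {2021-09-22},
  language     = {English},
}
2021 IBM SecurityX-Force Cloud Threat Landscape Report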
Kaiji Kinsing Tsunami Xanthe XOR DDoS
2021-09-14 | Cado Security | Cado Security
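% Corporate author: the inner braces keep "Cado Security" as one name instead of First="Cado", Last="Security".
% The citation key is left unchanged so existing citations still resolve.
@online{security:20210914:teamtnt:bdb30cc,
  author       = {{Cado Security}},
  title        = {{TeamTNT Script Employed to Grab AWS Credentials}},
  organization = {Cado Security},
  date         = {2021-09-14},
  url          = {https://www.cadosecurity.com/teamtnt-script-employed-to-grab-aws-credentials/},
  urldate      = {2021-09-19},
  language     = {English},
}
TeamTNT Script Employed to Grab AWS Credentials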
TeamTNT Tsunami
2021-09-08 | lacework | Lacework Labs
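% Team author: the inner braces keep "Lacework Labs" as one name instead of First="Lacework", Last="Labs".
% The title writes the identifier as "CVE 2021-26084" (no hyphen after CVE); it is kept as published.
@online{labs:20210908:muhstik:f7875d9,
  author       = {{Lacework Labs}},
  title        = {{Muhstik Takes Aim at Confluence CVE 2021-26084}},
  organization = {lacework},
  date         = {2021-09-08},
  url          = {https://www.lacework.com/blog/muhstik-takes-aim-at-confluence-cve-2021-26084/},
  urldate      = {2021-09-12},
  language     = {English},
}
Muhstik Takes Aim at Confluence CVE 2021-26084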
Tsunami
2021-09 | Intezer | Intezer
% PDF report, so it is typed as a technical report with an institution; the date has month precision only.
@techreport{intezer:202109:teamtnt:425ab21,
  author      = {Intezer},
  title       = {{TeamTNT: Cryptomining Explosion}},
  institution = {Intezer},
  date        = {2021-09},
  url         = {https://www.intezer.com/wp-content/uploads/2021/09/TeamTNT-Cryptomining-Explosion.pdf},
  urldate     = {2021-09-19},
  language    = {English},
}
TeamTNT: Cryptomining Explosion
TeamTNT Tsunami
2021-03-21 | Blackberry | Blackberry Research
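% Corporate author: the inner braces keep "Blackberry Research" as one name instead of First="Blackberry", Last="Research".
% The citation key is left unchanged so existing citations still resolve.
@techreport{research:20210321:2021:a393473,
  author      = {{Blackberry Research}},
  title       = {{2021 Threat Report}},
  institution = {Blackberry},
  date        = {2021-03-21},
  url         = {https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-2021-threat-report.pdf},
  urldate     = {2021-03-25},
  language    = {English},
}
2021 Threat Report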
Bashlite FritzFrog IPStorm Mirai Tsunami elf.wellmess AppleJeus Dacls EvilQuest Manuscrypt Astaroth BazarBackdoor Cerber Cobalt Strike Emotet FinFisher RAT Kwampirs MimiKatz NjRAT Ryuk SmokeLoader TrickBot
2020-12-02 | Aqua | Idan Revivo, Assaf Morag
% Two personal authors joined with " and "; the title concerns fileless execution inside containers.
@online{revivo:20201202:threat:7bb189a,
  author       = {Idan Revivo and Assaf Morag},
  title        = {{Threat Alert: Fileless Malware Executing in Containers}},
  organization = {Aqua},
  date         = {2020-12-02},
  url          = {https://blog.aquasec.com/fileless-malware-container-security},
  urldate      = {2020-12-08},
  language     = {English},
}
Threat Alert: Fileless Malware Executing in Containers
Tsunami
2020-11-21 | Toli Security | Toli Security
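% Corporate author: the inner braces keep "Toli Security" as one name instead of First="Toli", Last="Security".
% urldate (2022-04-15) is well after the publication date; the page may have changed since it was published.
@online{security:20201121:multivector:dfb6b1f,
  author       = {{Toli Security}},
  title        = {{Multi-Vector Miner+Tsunami Botnet with SSH Lateral Movement}},
  organization = {Toli Security},
  date         = {2020-11-21},
  url          = {https://tolisec.com/multi-vector-minertsunami-botnet-with-ssh-lateral-movement/},
  urldate      = {2022-04-15},
  language     = {English},
}
Multi-Vector Miner+Tsunami Botnet with SSH Lateral Movement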
Tsunami
2020-11-10 | lacework | Chris Hall
% The title contains a literal en dash (UTF-8), which needs a Unicode-aware backend such as Biber.
@online{hall:20201110:meet:a741348,
  author       = {Chris Hall},
  title        = {{Meet Muhstik – IoT Botnet Infecting Cloud Servers}},
  organization = {lacework},
  date         = {2020-11-10},
  url          = {https://www.lacework.com/meet-muhstik-iot-botnet-infecting-cloud-servers/},
  urldate      = {2020-11-12},
  language     = {English},
}
Meet Muhstik – IoT Botnet Infecting Cloud Servers
Tsunami
2020-09-10 | Kaspersky Labs | GReAT
% Survey article covering several Linux families; Tsunami is one of the families tagged on it.
@online{great:20200910:overview:f751b73,
  author       = {GReAT},
  title        = {{An overview of targeted attacks and APTs on Linux}},
  organization = {Kaspersky Labs},
  date         = {2020-09-10},
  url          = {https://securelist.com/an-overview-of-targeted-attacks-and-apts-on-linux/98440/},
  urldate      = {2020-10-05},
  language     = {English},
}
An overview of targeted attacks and APTs on Linux
Cloud Snooper Dacls DoubleFantasy MESSAGETAP Penquin Turla Tsunami elf.wellmess X-Agent
2020-01-21 | Palo Alto Networks Unit 42 | Cong Zheng, Yang Ji, Asher Davila
% Three personal authors joined with " and "; filed under the Muhstik alias of this family.
@online{zheng:20200121:muhstik:b784bae,
  author       = {Cong Zheng and Yang Ji and Asher Davila},
  title        = {{Muhstik Botnet Attacks Tomato Routers to Harvest New IoT Devices}},
  organization = {Palo Alto Networks Unit 42},
  date         = {2020-01-21},
  url          = {https://unit42.paloaltonetworks.com/muhstik-botnet-attacks-tomato-routers-to-harvest-new-iot-devices/},
  urldate      = {2020-01-22},
  language     = {English},
}
Muhstik Botnet Attacks Tomato Routers to Harvest New IoT Devices
Tsunami
2018-04-23 | Threatpost | Lindsey O'Donnell
% News article; urldate (2020-01-05) is long after publication, so the page may have changed or moved.
@online{odonnell:20180423:muhstik:668faf9,
  author       = {Lindsey O'Donnell},
  title        = {{Muhstik Botnet Exploits Highly Critical Drupal Bug}},
  organization = {Threatpost},
  date         = {2018-04-23},
  url          = {https://threatpost.com/muhstik-botnet-exploits-highly-critical-drupal-bug/131360/},
  urldate      = {2020-01-05},
  language     = {English},
}
Muhstik Botnet Exploits Highly Critical Drupal Bug
Tsunami
2017-04-06 | Palo Alto Networks Unit 42 | Claud Xiao, Cong Zheng
% NOTE(review): the URL is recorded with the http scheme on an older hostname; check whether the
% publisher serves the same post over https before following or updating the link.
@online{xiao:20170406:new:282a428,
  author       = {Claud Xiao and Cong Zheng},
  title        = {{New IoT/Linux Malware Targets DVRs, Forms Botnet}},
  organization = {Palo Alto Networks Unit 42},
  date         = {2017-04-06},
  url          = {http://researchcenter.paloaltonetworks.com/2017/04/unit42-new-iotlinux-malware-targets-dvrs-forms-botnet/},
  urldate      = {2019-12-20},
  language     = {English},
}
New IoT/Linux Malware Targets DVRs, Forms Botnet
Tsunami
2017-01-28 | CyberX | CyberX
% Filed under the Radiation alias of this family.
% NOTE(review): the URL is recorded with the http scheme; check for an https equivalent before following it.
@online{cyberx:20170128:radiation:141e735,
  author       = {CyberX},
  title        = {{Radiation Report}},
  organization = {CyberX},
  date         = {2017-01-28},
  url          = {http://get.cyberx-labs.com/radiation-report},
  urldate      = {2020-01-13},
  language     = {English},
}
Radiation Report
Tsunami

There is no YARA signature yet.