Symbol: elf.xdr33

xdr33


According to 360 netlab, this backdoor was derived from the leaked CIA Hive project. It propagates via a vulnerability in F5 and communicates using SSL with a forged Kaspersky certificate.

References
2023-01-10 | 360 netlab | Alex Turing, Hui Wang
Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges

There is no Yara-Signature yet.