Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-01-10360 netlabAlex Turing, Hui Wang
@online{turing:20230110:heads:afb8678, author = {Alex Turing and Hui Wang}, title = {{Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges}}, date = {2023-01-10}, organization = {360 netlab}, url = {https://blog.netlab.360.com/headsup_xdr33_variant_of_ciahive_emeerges/}, language = {English}, urldate = {2023-01-25} } Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges
xdr33
2022-05-09360 netlabLiu Ya, Alex.Turing, Hui Wang, YANG XU
@online{ya:20220509:data:71a5fb8, author = {Liu Ya and Alex.Turing and Hui Wang and YANG XU}, title = {{The data analysis behind the cyber attack on Beijing Healthbao}}, date = {2022-05-09}, organization = {360 netlab}, url = {https://blog.netlab.360.com/botnet-group-behind-attack-bjjkb/}, language = {Chinese}, urldate = {2022-05-25} } The data analysis behind the cyber attack on Beijing Healthbao
2022-04-13360 netlabHui Wang, Alex.Turing, YANG XU
@online{wang:20220413:fodcha:3279a03, author = {Hui Wang and Alex.Turing and YANG XU}, title = {{Fodcha, a new DDos botnet}}, date = {2022-04-13}, organization = {360 netlab}, url = {https://blog.netlab.360.com/fodcha-a-new-ddos-botnet/}, language = {English}, urldate = {2022-04-15} } Fodcha, a new DDos botnet
Fodcha
2022-04-13360 netlabHui Wang, Alex.Turing, YANG XU
@online{wang:20220413:new:1e147e1, author = {Hui Wang and Alex.Turing and YANG XU}, title = {{New Threat: The Muffled Fodcha Botnet}}, date = {2022-04-13}, organization = {360 netlab}, url = {https://blog.netlab.360.com/men-sheng-fa-da-cai-fodchajiang-shi-wang-luo/}, language = {Chinese}, urldate = {2022-05-04} } New Threat: The Muffled Fodcha Botnet
2022-03-15360 netlabAlex.Turing, Hui Wang
@online{alexturing:20220315:new:3b64b05, author = {Alex.Turing and Hui Wang}, title = {{New Threat: Linux Backdoor B1txor20 using DNS Tunnel technology is spreading through the Log4j vulnerability}}, date = {2022-03-15}, organization = {360 netlab}, url = {https://blog.netlab.360.com/b1txor20-use-of-dns-tunneling_cn/}, language = {Chinese}, urldate = {2022-03-15} } New Threat: Linux Backdoor B1txor20 using DNS Tunnel technology is spreading through the Log4j vulnerability
B1txor20
2021-11-30360 netlabAlex.Turing, Hui Wang
@online{alexturing:20211130:ewdoor:aa6e76e, author = {Alex.Turing and Hui Wang}, title = {{EwDoor Botnet Is Attacking AT&T Customers}}, date = {2021-11-30}, organization = {360 netlab}, url = {https://blog.netlab.360.com/warning-ewdoor-botnet-is-attacking-att-customers/}, language = {English}, urldate = {2021-12-07} } EwDoor Botnet Is Attacking AT&T Customers
EwDoor
2021-11-18360 netlabHui Wang, Alex.Turing, litao3rd, YANG XU
@online{wang:20211118:pitfall:23ff4ea, author = {Hui Wang and Alex.Turing and litao3rd and YANG XU}, title = {{The Pitfall of Threat Intelligence Whitelisting: Specter Botnet is 'taking over' Top Legit DNS Domains By Using ClouDNS Service}}, date = {2021-11-18}, organization = {360 netlab}, url = {https://blog.netlab.360.com/the-pitfall-of-threat-intelligence-whitelisting-specter-botnet-is-taking-over-top-legit-dns-domains-by-using-cloudns-service/}, language = {English}, urldate = {2021-11-19} } The Pitfall of Threat Intelligence Whitelisting: Specter Botnet is 'taking over' Top Legit DNS Domains By Using ClouDNS Service
Specter
2021-11-12360 netlabAlex.Turing, Hui Wang, YANG XU
@online{alexturing:20211112:malware:70f965d, author = {Alex.Turing and Hui Wang and YANG XU}, title = {{Malware uses namesilo Parking pages and Google's custom pages to spread}}, date = {2021-11-12}, organization = {360 netlab}, url = {https://blog.netlab.360.com/zhatuniubility-malware-uses-namesilo-parking-pages-and-googles-custom-pages-to-spread/}, language = {English}, urldate = {2021-11-17} } Malware uses namesilo Parking pages and Google's custom pages to spread
2021-11-09360 netlabAlex.Turing, Hui Wang
@online{alexturing:20211109:abcbot:8e1eee4, author = {Alex.Turing and Hui Wang}, title = {{Abcbot, an evolving botnet}}, date = {2021-11-09}, organization = {360 netlab}, url = {https://blog.netlab.360.com/abcbot_an_evolving_botnet_en/}, language = {English}, urldate = {2021-11-17} } Abcbot, an evolving botnet
Abcbot
2021-09-28NetlabHui Wang, Alex.Turing, YANG XU
@online{wang:20210928:miraiptearimasuta:2349f41, author = {Hui Wang and Alex.Turing and YANG XU}, title = {{Mirai_ptea_Rimasuta variant is exploiting a new RUIJIE router 0 day to spread}}, date = {2021-09-28}, organization = {Netlab}, url = {https://blog.netlab.360.com/rimasuta-spread-with-ruijie-0day-en/}, language = {English}, urldate = {2021-10-24} } Mirai_ptea_Rimasuta variant is exploiting a new RUIJIE router 0 day to spread
Mirai
2021-08-30360 netlabAlex.Turing, Hui Wang, GenShen Ye
@online{alexturing:20210830:mostly:d4d0f30, author = {Alex.Turing and Hui Wang and GenShen Ye}, title = {{The Mostly Dead Mozi and Its’ Lingering Bots}}, date = {2021-08-30}, organization = {360 netlab}, url = {https://blog.netlab.360.com/the-mostly-dead-mozi-and-its-lingering-bots/}, language = {English}, urldate = {2021-08-31} } The Mostly Dead Mozi and Its’ Lingering Bots
Mozi
2021-07-01360 netlabHui Wang, Alex.Turing, Jinye, houliuyang, Chai Linyuan
@online{wang:20210701:miraiptea:3ba235e, author = {Hui Wang and Alex.Turing and Jinye and houliuyang and Chai Linyuan}, title = {{Mirai_ptea Botnet is Exploiting Undisclosed KGUARD DVR Vulnerability}}, date = {2021-07-01}, organization = {360 netlab}, url = {https://blog.netlab.360.com/mirai_ptea-botnet-is-exploiting-undisclosed-kguard-dvr-vulnerability-en/}, language = {English}, urldate = {2021-07-11} } Mirai_ptea Botnet is Exploiting Undisclosed KGUARD DVR Vulnerability
Mirai
2021-04-28360 netlabAlex Turing, Hui Wang
@online{turing:20210428:rotajakiro:3d85cc1, author = {Alex Turing and Hui Wang}, title = {{RotaJakiro: A long live secret backdoor with 0 VT detection}}, date = {2021-04-28}, organization = {360 netlab}, url = {https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/}, language = {English}, urldate = {2021-05-04} } RotaJakiro: A long live secret backdoor with 0 VT detection
RotaJakiro
2020-11-20360 netlabHui Wang, Alex Turing, CNCERT, Qihoo 360
@online{wang:20201120:moobot:bee7c03, author = {Hui Wang and Alex Turing and CNCERT and Qihoo 360}, title = {{MooBot on the run using another 0 day targeting UNIX CCTV DVR}}, date = {2020-11-20}, organization = {360 netlab}, url = {https://blog.netlab.360.com/moobot-0day-unixcctv-dvr-en/}, language = {English}, urldate = {2020-11-23} } MooBot on the run using another 0 day targeting UNIX CCTV DVR
MooBot
2020-11-13NetlabAlex Turing, Hui Wang
@online{turing:20201113:quick:fd9e5d2, author = {Alex Turing and Hui Wang}, title = {{Quick update on the Linux.Ngioweb botnet, now it is going after IoT devices}}, date = {2020-11-13}, organization = {Netlab}, url = {https://blog.netlab.360.com/linux-ngioweb-v2-going-after-iot-devices-en/}, language = {English}, urldate = {2020-11-18} } Quick update on the Linux.Ngioweb botnet, now it is going after IoT devices
Ngioweb
2020-09-30360netlabHui Wang, Alex Turing
@online{wang:20200930:ttint:fb14c9f, author = {Hui Wang and Alex Turing}, title = {{Ttint: 一款通过2个0-day漏洞传播的IoT远控木马}}, date = {2020-09-30}, organization = {360netlab}, url = {https://blog.netlab.360.com/ttint-an-iot-rat-uses-two-0-days-to-spread/}, language = {Chinese}, urldate = {2020-10-04} } Ttint: 一款通过2个0-day漏洞传播的IoT远控木马
2020-09-25360netlabAlex Turing, Hui Wang
@online{turing:20200925:ghost:4b56424, author = {Alex Turing and Hui Wang}, title = {{Ghost in action: the Specter botnet}}, date = {2020-09-25}, organization = {360netlab}, url = {https://blog.netlab.360.com/ghost-in-action-the-specter-botnet/}, language = {English}, urldate = {2020-10-04} } Ghost in action: the Specter botnet
Specter
2020-07-10360 netlabAlex Turing, Hui Wang
@online{turing:20200710:new:2d912a8, author = {Alex Turing and Hui Wang}, title = {{The new Bigviktor Botnet is Targeting DrayTek Vigor Router}}, date = {2020-07-10}, organization = {360 netlab}, url = {https://blog.netlab.360.com/bigviktor-dga-botnet/}, language = {English}, urldate = {2020-07-15} } The new Bigviktor Botnet is Targeting DrayTek Vigor Router
BigViktor
2020-07-09360 netlabAlex Turing, Hui Wang
@online{turing:20200709:update:9e65288, author = {Alex Turing and Hui Wang}, title = {{An Update for a Very Active DDos Botnet: Moobot}}, date = {2020-07-09}, organization = {360 netlab}, url = {https://blog.netlab.360.com/ddos-botnet-moobot-en/}, language = {English}, urldate = {2020-07-15} } An Update for a Very Active DDos Botnet: Moobot
MooBot
2020-04-27360 netlabAlex Turing, Hui Wang
@online{turing:20200427:leethozer:43893b8, author = {Alex Turing and Hui Wang}, title = {{The LeetHozer botnet}}, date = {2020-04-27}, organization = {360 netlab}, url = {https://blog.netlab.360.com/the-leethozer-botnet-en/}, language = {English}, urldate = {2020-05-20} } The LeetHozer botnet
LeetHozer