Tim Brown
### Area Malware reports ### Parent threat Command and Control, Exfiltration ### Finding https://cybersecurity.att.com/blogs/labs-research/internet-of-termites ### Industry reference _No response_ ### Malware reference Termite EarthWorm Earthwrom ### Actor reference _No response_...
### Area Malware reports ### Parent threat _No response_ ### Finding https://sansec.io/research/ecommerce-malware-linux-avp ### Industry reference _No response_ ### Malware reference linux_avp Comma ### Actor reference _No response_ ### Component _No...
### Area Malware reports ### Parent threat Resource Development, Discovery, Command and Control ### Finding https://www.welivesecurity.com/2022/09/14/you-never-walk-alone-sidewalk-backdoor-linux-variant/ ### Industry reference attack:T1587.001:Malware attack:T1016:System Network Configuration Discovery attack:T1071.001:Web Protocols attack:T1573.001:Symmetric Cryptography ### Malware...
### Area Malware reports ### Parent threat _No response_ ### Finding https://blog.netlab.360.com/ghost-in-action-the-specter-botnet/ ### Industry reference _No response_ ### Malware reference Specter SideWalk StageClient ### Actor reference _No response_ ### Component...
### Area Malware reports ### Parent threat _No response_ ### Finding https://twitter.com/ESETresearch/status/1410864752948043778 ### Industry reference _No response_ ### Malware reference Specter SideWalk StageClient ### Actor reference _No response_ ### Component...
### Area Malware reports ### Parent threat _No response_ ### Finding https://analyze.intezer.com/files/9b48822bd6065a2ad2c6972003920f713fe2cb750ec13a886efee7b570c111a5 ### Industry reference _No response_ ### Malware reference Specter SideWalk StageClient wltm ### Actor reference _No response_ ###...
### Area Offensive tools ### Parent threat Credential Access ### Finding https://github.com/sevagas/swap_digger ### Industry reference _No response_ ### Malware reference _No response_ ### Actor reference _No response_ ### Component Linux...
### Area Malware reports ### Parent threat Collection, Impact ### Finding https://www.welivesecurity.com/2013/05/07/linuxcdorked-malware-lighttpd-and-nginx-web-servers-also-affected/ ### Industry reference _No response_ ### Malware reference _No response_ ### Actor reference _No response_ ### Component Linux...
### Area Malware binaries ### Parent threat Impact ### Finding https://bazaar.abuse.ch/browse/tag/blackcat/ ### Industry reference https://github.com/timb-machine/linux-malware/issues/118 https://github.com/timb-machine/linux-malware/issues/109 https://github.com/timb-machine/linux-malware/issues/108 https://github.com/timb-machine/linux-malware/issues/107 https://github.com/timb-machine/linux-malware/issues/41 ### Malware reference BlackCat [/malware/binaries/BlackCat](../tree/main/malware/binaries/BlackCat) ### Actor reference _No response_ ###...
### Area Press/academia ### Parent threat Impact ### Finding https://www.darkreading.com/attacks-breaches/blackcat-purveyor-shows-ransomware-operators-have-nine-lives ### Industry reference _No response_ ### Malware reference BlackCat https://github.com/timb-machine/linux-malware/issues/512 ### Actor reference _No response_ ### Component _No response_ ###...