The vast majority of these files appear to target various Solaris, Linux, and FreeBSD clients – just based off their naming conventions. It’s a curious footnote that the Ford Motor Company IP address appears within a number of files under the ‘example’ section.

One file is a PERL script that, as pointed out by x0rz, impersonates a Chinese browser with a fake accept-language.

A number of documents reference the deployment of RATs (Remote Access Trojans) to compromised machines. Ys.auto is an encompassing script that assists with the deployment of various RATs and system monitors.

Strifeworld is a TCP session recorder that dates from 2001.

EndlessDonut helps deploy monitoring agents and to maintain a clean record.

PTrace/ForkPTY is a kernel exploit affecting Linux 2.2 – 2.4.

EngageNaughty is an Apache and SSL exploit.

EasyStreet appears to be some sort of UDP exploit utilizing sendmail.

EBBSHAVE is a vulnerability affecting Solaris RPC services version 2.10.

EXCELBERWICK is a remote exploit against xmlrpc.php on Unix based systems.

Aside from the partial selection of exploits posted above, the dump also contains a number of tools, utilities, and scripts to deploy once successful exploitation of the system occurs. While we can’t confirm the authenticity of the following exploits, we will provide a small snippet from the collection below.

ElatedMonkey is a local privilege escalation exploit against the cPanel Remote Management Web interface current through at least version 24.

ElginGamble is a ‘public’ vulnerability affecting Linux 2.6.13 – 2.6.17.4 to create a cron script capable of spawning a root shell.

Though many of the exploits are dated from many years ago, some as far back as 2003, it’s possible they are still usable on legacy systems. A majority of the files seem to target Linux and Solaris-based servers.
While the group’s get-rich-quick plan to sell the auction file for the astronomical asking price of 1M bitcoins (roughly $1,186,510,000.00 US Dollar as of today) may have ended with spectacular failure, the team has made good on their promise to ultimately release the stolen information should the requested payoff not be received. It’s difficult, if not impossible for us to verify the claims from the hackers or to place attribution to the appropriate group, but there are interesting bits of information contained within the archive and we will document some of the early discoveries here.

The release of the key came in a highly politicized tirade directed to President Donald Trump touching on everything from Obamacare and Goldman Sachs, to Syria, Steven Bannon, and John McCain. The epic rant discusses the Alien and Sedition Act of 1798, Social Collectivism, White Privilege, Russia, and even Magog (I had to look it up too. It seems most applicable to the Islam interpretation of the word). For the inference of being American citizens and in the eyes of any High School English teacher, it’s a cringe-worthy read filled with grammatical, spelling, and punctuation errors (although, good use of the Oxford comma), and seems to use a variety of written dialects and cultural references throughout. All of which appear to be deliberate false-flags to help conceal the identity of the person/group associated with the original attack.

There are a number of tools in the dump with notes and code that indicate possible exploits against various software and products.
Over the weekend, the hacking group ShadowBrokers released the decryption key for the ‘auction’ file that was included in the dump of information from last summer that the group claimed they acquired from Equation Group – reportedly a well-known hacking team responsible for highly sophisticated malware campaigns such as Flame and Stuxnet and possibly associated with certain 3-letter government agencies. ShadowBrokers finally made good on their promise to release the decryption key to unlock the stolen ‘auction’ file purportedly filled with NSA hacking tools.