Victims count: 844
Last discovered victim: 2025-03-31
First discovered victims: 2024-02-10
Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |
---|---|---|---|---|---|---|---|
Angry IP Scanner, Nmap, SoftPerfect NetScan, WKTools | AnyDesk, Atera, N-Able, ScreenConnect, Splashtop, TightVNC | BadRentdrv2, ThreatFire System Monitor driver (BYOVD) | Mimikatz | Cobalt Strike, CrackMapExec, Impacket, Kerbrute, Metasploit, Sliver | Stowaway | BITSAdmin, PsExec | PSCP, RClone, WinSCP |
Vendor | Product | CVE | Source |
---|---|---|---|
Apache | ActiveMQ | CVE-2023-46604 | cisa.gov |
Atlassian | Confluence Data Center & Server | CVE-2023-22515 | cisa.gov |
Citrix | NetScaler ADC & Gateway | CVE-2023-3519 | cisa.gov |
Fortinet | FortiOS SSL-VPN & FortiProxy | CVE-2023-27997 | cisa.gov |
Fortinet | FortiClientEMS | CVE-2023-48788 | cisa.gov |
F5 | BIG-IP | CVE-2023-46747 | cisa.gov |
Windows | NetLogon | CVE-2020-1472 | cisa.gov |
Windows | BITS | CVE-2020-0787 | cisa.gov |
Windows | SMBv1 | CVE-2017-0144 | cisa.gov |
Execution | Defense Evasion | Lateral Movement | Impact |
---|---|---|---|
Windows Management Instrumentation | Indicator Removal: Clear Windows Event Logs | Lateral Tool Transfer | Data Encrypted for Impact |
Command and Scripting Interpreter: Windows Command Shell | Impair Defenses: Disable or Modify Tools | | Service Stop |
| | | Inhibit System Recovery |
No YARA rules available.