top of page

RobinBot – A new type of DDoS botnet in rapid expansion

In early November 2022, Qianxin Threat Intelligence Center detected an incident with malicious samples from unknown families. The captured malicious samples borrowed from the malicious code of the Mirai and Gafgyt families were observed and found to support a variety of self-named DDoS attack methods, which can be spread through the Telnet service. These DDoS attack methods also integrated multiple vulnerabilities similar to the Omni family, Exp, which are currently spreading rapidly on the Internet.


ATT&CK IDS: T1190 - Exploit Public-Facing Application, T1133 - External Remote Services, T1059 - Command and Scripting Interpreter, T1543 - Create or Modify System Process, T1053 - Scheduled Task/Job, T1090 - Proxy, T1498 - Network Denial of Service, T1021 - Remote Services, T1210 - Exploitation of Remote Services, T1098 - Account Manipulation

Read More:

1 view


Os comentários foram desativados.
bottom of page