top of page
Search
Writer's pictureStormsec

So RapperBot, What Ya Bruting For?

Researchers have been tracking a rapidly evolving IoT malware family known as “RapperBot” since mid-June 2022. This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented in Mirai.




MALWARE FAMILIES: Mirai, Gafgyt, RapperBot


ATT&CK IDS: T1110 - Brute Force, T1059 - Command and Scripting Interpreter, T1021 - Remote Services, T1499 - Endpoint Denial of Service, T1547 - Boot or Logon Autostart Execution, T1584.005 - Botnet, T1021.004 - SSH, T1094 - Custom Command and Control Protocol


Read More:

2 views

Comments


Commenting has been turned off.
bottom of page