Giter Site home page Giter Site logo

unixfreaxjp / strudels_attack Goto Github PK

View Code? Open in Web Editor NEW
7.0 2.0 6.0 545 KB

IOC for "Strudel"IoT "SSH TCP Forward" attacks | https://unixfreaxjp.github.io/Strudels_Attack/

Home Page: https://blog.malwaremustdie.org/2017/03/mmd-0062-2017-credential-harvesting-by.html

Lua 100.00%
ssh tcp forwarding formatstringattack mirai luabot credential-harversting

strudels_attack's Introduction

MMD-0062-2017

Repository data for MMD-0062-2017 - Credential harversting by SSH Direct TCP Forward hacking attack (aka Strudels Attack)

For the recent ACTIVE (on-going) attacker network please visit the this Github's repo data. Explanation is in Threat report or read Q & A in Infosec Institute about Strudels attack.

UPDATE:

Last update: Wed Mar 22 08:43:34 JST 2017

We now only maintained the "Red, Hot & Chili Network" list due to lack of resource.

Newer attacker network in AS49453 | 91.195.103.0/24 | GLOBALLAYER | NL
Older attacker network is AS49981 | 194.88.104.0/22 | WORLDSTREAM | NL 

We have received contacts from NCSC-NL (CERT NL) via CERT-BUND (CERT DE) to confirm that 
the hoster entity 3NT.COM's Abuse Team has terminated the related customer account(s) of 
Strudels attacker actor. We herewith report that 3NT.COM has been cleaned up, so 
you can remove the block for the 3NT.COM addresses. 

The list stays as per it is for the RECORD purpose, as evidence of cyber 
crime for the law enforcement who is now investigating the case.

Law enforcement can contact directly to the related CERT or hosters for the 
identification details used by the bad actors.

- Thank you -

You can search IP addresses you want to check in this repository, to seek in which category it is classified in MMD-0062-2017 (attackers or victims).

Cyber crime diagram to explain the mass credential stealing scheme:

MalwareMustDie!

strudels_attack's People

Contributors

unixfreaxjp avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

cephurs jesseei vaginessa citpaingoo qq431169079

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.