| Published | Family | Author - Title |
|---|
| venom | https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2014/october/analysis-of-the-linux-backdoor-used-in-freenode-irc-network-compromise/ |
| mirai | MiraiAttacks |
| dirtycow | DirtyCOWVuln |
| dirtycow | 789879840195252224?lang=en |
| dirtycow | cyb3rops?lang=en |
| 2019-10-25 19:10 | mirai | @threatpost - Mirai-Fueled IoT Botnet Behind DDoS Attacks on DNS Providers |
| 2019-10-25 19:10 | mirai | SANS Internet Storm Center - The Short Life of a Vulnerable DVR Connected to the Internet, Author: Johannes Ullrich |
| 2019-10-22 15:10 | mirai | Alexander Khalimonenko / Kaspersky - DDoS attacks in Q4 2016 |
| 2019-10-22 15:10 | mirai | Denis Makrushin / Kaspersky - Is Mirai Really as Black as It’s Being Painted? |
| 2018-01-04 09:01 | cpuminer | Hacker trying to send script thru FileUpload on tomcat 7 |
| 2017-12-05 16:12 | mirai | 360 Netlab Blog - Network Security Research Lab at 360 - Warning: Satori, a Mirai Branch Is Spreading in Worm Style on Port 37215 and 52869 |
| 2017-11-24 09:11 | mirai | 360 Netlab Blog - Network Security Research Lab at 360 - Early Warning: A New Mirai Variant is Spreading Quickly on Port 23 and 2323 |
| 2017-11-24 09:11 | mirai | Catalin Cimpanu / BleepingComputer - Mirai Activity Picks up Once More After Publication of PoC Exploit Code |
| 2017-11-23 09:11 | mirai | bad_packets / Twitter - 933624559483346944 |
| 2017-08-29 14:08 | mirai | New Research Sheds Light on the Mirai Botnet |
| 2017-08-02 17:08 | sambacry | Samba - Security Announcement Archive |
| 2017-08-02 15:08 | sambacry | omri9741 / Twitter - 892766973985206274 |
| 2017-07-26 15:07 | sambacry | x0rz / Twitter - 890225836464504832 |
| 2017-07-26 12:07 | sambacry | omri9741 / Twitter - 890194915216551937 |
| 2017-07-26 11:07 | sambacry | “EternalMiner” Copycats exploiting SambaCry for cryptocurrency mining – Intezer |
| 2017-07-19 08:07 | sambacry | Mohit Kumar / The Hacker News - New Linux Malware Exploits SambaCry Flaw to Silently Backdoor NAS Devices |
| 2017-06-29 00:06 | sambacry | Alex Campbell / PCWorld - The SambaCry scare gives Linux users a taste of WannaCry-Petya problems |
| 2017-06-10 19:06 | sambacry | @securityaffairs / Security Affairs - SambaCry is reality, crooks are abusing CVE-2017-7494 to spread miners |
| 2017-06-09 22:06 | sambacry | Mikhail Kuzin / Kaspersky - SambaCry is coming |
| 2017-05-25 16:05 | sambacry | Daniel Goldberg / GuardiCore - Data Center and Cloud Security - SambaCry, the Seven Year Old Samba Vulnerability, is the Next Big Threat (for now) |
| 2017-02-21 08:02 | mirai | GReAT / Kaspersky - New(ish) Mirai Spreader Poses New Risks |
| 2017-01-25 14:01 | venom | CERN Computer Security Information |
| 2017-01-18 00:01 | mirai | Brian Krebs - Who is Anna-Senpai, the Mirai Worm Author? — Krebs on Security |
| 2017-01-11 17:01 | venom | Report-venom.pdf |
| 2017-01-11 15:01 | venom | MediaWiki 1.17.2 - Venom Rootkit - EGIWiki |
| 2016-12-21 12:12 | mirai | SANS Internet Storm Center - InfoSec Handlers Diary Blog - Mirai Scanning for Port 6789 Looking for New Victims |
| 2016-12-20 15:12 | mirai | Johannes / SANS Internet Storm Center - Port 7547 SOAP Remote Code Execution Attack Against DSL Modems |
| 2016-11-28 21:11 | mirai | lennarthaagsma / Fox-IT International blog - Recent vulnerability in Eir D1000 Router used to spread updated version of Mirai DDoS bot |
| 2016-11-24 13:11 | mirai | Catalin Cimpanu / BleepingComputer - You Can Now Rent a Mirai Botnet of 400,000 Bots |
| 2016-11-08 00:11 | mirai | Flashpoint - Monitoring of Mirai Shows Attempted DDoS of Trump and Clinton Websites |
| 2016-11-02 15:11 | dofloo | analyzing-backdoor-bot-mips-platform-35902 |
| 2016-11-02 15:11 | darlloz | UnPHP - PHP Decode of "<?php
$disablefunc = @ini_get(""disabl.. |
| 2016-11-02 14:11 | aidra | Linux.Aidra Technical Details | Symantec |
| 2016-11-02 14:11 | aidra | Worm.Linux.Aidra.A -
TELUS Security Labs |
| 2016-11-02 14:11 | wifatch | Eduard Kovacs - Tens of Thousands of Routers, IP Cams Infected by Vigilante Malware | SecurityWeek.Com |
| 2016-11-02 14:11 | wifatch | Eduard Kovacs - Developers of Mysterious Wifatch Malware Come Forward | SecurityWeek.Com |
| 2016-11-02 14:11 | wifatch | GitLab - The White Team / linux.wifatch |
| 2016-11-02 13:11 | darlloz | UNIX_DARLLOZ.A - Threat Encyclopedia - Trend Micro USA |
| 2016-11-02 13:11 | darlloz | Charlie Osborne / ZDNet - Linux worm Darlloz targets Intel architecture to mine digital currency |
| 2016-11-02 12:11 | darlloz | Linux.Darlloz | Symantec |
| 2016-11-01 14:11 | mirai | Graham Cluley / Graham Cluley - 'Good' anti-Mirai worm is pulled from Github following backlash |
| 2016-10-31 12:10 | mirai | Invincea Labs |
| 2016-10-28 16:10 | aidra | unixfreaxjp - MMD-0059-2016 - Linux/IRCTelnet (new Aidra) - A DDoS botnet aims IoT w/ IPv6 ready |
| 2016-10-27 07:10 | mirai | Swati Khandelwal / The Hacker News - Friday's Massive DDoS Attack Came from Just 100,000 Hacked IoT Devices |
| 2016-10-24 08:10 | dirtycow | Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability |
| 2016-10-24 08:10 | dirtycow | CVE-2016-5195 |
| 2016-10-24 08:10 | dirtycow | @nixcraft - How To Patch and Protect Linux Kernel Zero Day Local Privilege Escalation Vulnerability CVE-2016-5195 [ 21/Oct/2016 ] |
| 2016-10-24 08:10 | dirtycow | dirtycow / GitHub - /.github.io |
| 2016-10-24 08:10 | dirtycow | dirtycow / GitHub - /.github.io |
| 2016-10-24 08:10 | dirtycow | gen_dirtycow.yar |
| 2016-10-22 10:10 | dirtycow | JohnGalt14 / Pastebin - Dirty COW Samples |
| 2016-10-21 13:10 | mirai | Swati Khandelwal / The Hacker News - Massive DDoS Attack Against Dyn DNS Service Knocks Popular Sites Offline |
| 2016-10-20 15:10 | ladylinux | Linux.Lady.1 — Dr.Web - innovative anti-virus technologies. Comprehensive protection from Internet threats. |
| 2016-10-19 18:10 | dirtycow | dirtycow / GitHub - /.github.io |
| 2016-10-18 14:10 | mirai | Level 3 Threat Research Labs / Beyond Bandwidth - How the Grinch Stole IoT |
| 2016-10-17 15:10 | torlus | reddit - Hint to decrypt/decode crypted/stripped ELF Torlus/LizKebab/GayFgt/Bashdoor BLJ version • /r/Malware |
| 2016-10-14 18:10 | mirai | Dan Goodin / Ars Technica - Beware of all-powerful DDoS malware infecting cellular gateways, feds warn |
| 2016-10-11 16:10 | mirai | sshowdown-exploitation-of-iot-devices-for-launching-mass-scale-attack-campaigns.pdf |
| 2016-10-09 01:10 | kaiten | Antivirus scan for 0173924f3b91579c2ab3382333f81b09fa2653588b9595243a0d85bd97f7dd11 at
2014-09-04 21:00:39 UTC - VirusTotal |
| 2016-10-08 08:10 | mirai | @securityaffairs / Security Affairs - More than 500,000 IoT devices potentially recruitable in the Mirai Botnet |
| 2016-10-07 14:10 | mirai | _odisseus / Twitter - 784397412400070656 |
| 2016-10-07 13:10 | mirai | MalwareMustDie / Twitter - 784382923373842432 |
| 2016-10-07 00:10 | mirai | @imgur / Imgur - What Mirai's actor the wannabe "xxx.pokemon.inc" master "Anna-Senpai" is doing now.. after Mirai got exposed... Use new modded STD Bot #MalwareMustDie!! |
| 2016-10-05 16:10 | mirai | sierra%20wireless%20technical%20bulletin%20-%20mirai%20-%204oct2016.ashx?la=en |
| 2016-10-05 12:10 | mirai | sudosev / Twitter - 783649032304463873 |
| 2016-10-05 02:10 | mirai | Steve Ragan / CSO Online - Here are the 61 passwords that powered the Mirai IoT botnet |
| 2016-10-05 00:10 | mirai | Dr. J. / SANS Internet Storm Center - The Short Life of a Vulnerable DVR Connected to the Internet |
| 2016-10-04 18:10 | mirai | Tim Greene / Network World - Largest DDoS attack ever delivered by botnet of hijacked IoT devices |
| 2016-10-04 18:10 | mirai | wtfbbq / Pastebin - MIRAI BOTNET PAYLOAD |
| 2016-10-04 18:10 | wopbot | ELF_BASHWOOP.SM - Threat Encyclopedia - Trend Micro USA |
| 2016-10-04 17:10 | wopbot | @iTnews_au / iTnews - First Shellshock botnet attacks Akamai, US DoD networks |
| 2016-10-04 15:10 | torlus | KernelMode.info • View topic - Linux/Bash0day alias Shellshock alias Bashdoor |
| 2016-10-04 15:10 | torlus | Antivirus scan for 73b0d95541c84965fa42c3e257bb349957b3be626dec9d55efcc6ebcba6fa489 at
2014-09-25 08:35:18 UTC - VirusTotal |
| 2016-10-04 15:10 | mirai | Initial analysis of four million login attempts | The Honeynet Project |
| 2016-10-04 14:10 | mirai | Dr. J. / SANS Internet Storm Center - The Short Life of a Vulnerable DVR Connected to the Internet |
| 2016-10-03 23:10 | mirai | Chris Brook / Threatpost | Новости информационной безопасности - Опубликован исходный код DDoS-зловреда Mirai |
| 2016-10-03 15:10 | mirai | MalwareTech / MalwareTech - Mapping Mirai: A Botnet Case Study |
| 2016-10-03 15:10 | mirai | wtfbbq / Pastebin - MIRAI DEFAULT PASSWORDS |
| 2016-10-03 09:10 | mirai | @securityaffairs / Security Affairs - The source code of the Mirai IoT botnet leaked online. Do you trust it? |
| 2016-10-03 03:10 | mirai | completedvrattack.pcap |
| 2016-10-02 21:10 | mirai | Catalin Cimpanu / softpedia - Source Code of DDoS Botnet That Attacked Krebs Released by Its Author |
| 2016-10-02 00:10 | mirai | wtfbbq / Pastebin - MIRAI BOTNET PAYLOAD |
| 2016-10-02 00:10 | torlus | wtfbbq / Pastebin - TELNET HONEYPOT |
| 2016-10-01 21:10 | mirai | _odisseus / Twitter - 782329521680842756 |
| 2016-10-01 00:10 | mirai | Brian Krebs - Source Code for IoT Botnet ‘Mirai’ Released — Krebs on Security |
| 2016-09-30 20:09 | mirai | Pastebin - MIRAI BOTNET SETUP |
| 2016-09-30 19:09 | mirai | Drew FitzGerald / WSJ - Hackers Infect Army of Cameras, DVRs for Massive Internet Attacks |
| 2016-09-28 09:09 | mirai | Swati Khandelwal / The Hacker News - World's largest 1 Tbps DDoS Attack launched from 152,000 hacked Smart Devices |
| 2016-09-27 18:09 | mirai | @securityaffairs / Security Affairs - 150,000 IoT Devices behind the 1Tbps DDoS attack on OVH |
| 2016-09-22 05:09 | mirai | olesovhcom / Twitter - 778830571677978624 |
| 2016-09-21 00:09 | mirai | Brian Krebs - KrebsOnSecurity Hit With Record DDoS — Krebs on Security |
| 2016-09-12 00:09 | ladylinux | @youtube / YouTube - r2con 2016 - zl0wram - Reversing Linux Malware |
| 2016-09-05 07:09 | mirai | @securityaffairs / Security Affairs - Linux/Mirai ELF, when malware is recycled could be still dangerous |
| 2016-09-05 07:09 | mirai | @securityaffairs / Security Affairs - Linux/Mirai ELF, when malware is recycled could be still dangerous |
| 2016-09-01 07:09 | mirai | Bedřich Košata - Telnet stále žije – alespoň na „chytrých“ zařízeních | Blog zaměstnanců CZ.NIC |
| 2016-09-01 02:09 | mirai | unixfreaxjp -
MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled..
|
| 2016-09-01 02:09 | mirai |
MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled..
|
| 2016-09-01 02:09 | mirai | unixfreaxjp - MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled.. |
| 2016-09-01 02:09 | mirai | MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled.. |
| 2016-08-05 00:08 | mirai | HackForums.net - Government Investigating Routernets? |
| 2016-06-06 12:06 | venom | MediaWiki 1.17.2 - EGI CSIRT:Alerts/VENOM-2015-05-13 - EGIWiki |
| 2016-04-15 16:04 | kaiten | unixfreaxjp - MMD-0053-2016 - A bit about ELF/STD IRC Bot: x00's CBack aka xxx.pokemon(.)inc |
| 2016-03-31 17:03 | dirtycow | Dan Goodin / Ars Technica - “Most serious” Linux privilege-escalation bug ever is under active exploit (updated) |
| 2016-03-04 07:03 | torlus | @github / Gist - Ok, shits real. Its in the wild... src:162.253.66.76 |
| 2016-02-07 10:02 | torlus | unixfreaxjp - MMD-0052-2016 - Overview of "SkidDDoS" ELF++ IRC Botnet |
| 2016-02-07 10:02 | kaiten | unixfreaxjp - MMD-0052-2016 - Overview of "SkidDDoS" ELF++ IRC Botnet |
| 2016-02-07 10:02 | torlus | unixfreaxjp - MMD-0052-2016 - Overview of "SkidDDoS" ELF++ IRC Botnet |
| 2016-01-29 17:01 | dirtycow | CVE-2016-5195 - Red Hat Customer Portal |
| 2015-11-18 14:11 | torlus | @wordpressdotcom / Malwr Posts - IOC for GafGyt Malware with MD5 hashes |
| 2015-10-07 21:10 | wifatch | Samburaj Das / Hacked - Malware Peddling Vigilantes behind Linux.Wifatch Speak Up |
| 2015-10-07 11:10 | wifatch | Catalin Cimpanu / softpedia - Creators of the Benevolent Linux.Wifatch Malware Reveal Themselves |
| 2015-10-02 13:10 | wifatch | Samburaj Das / Hacked - Linux.Wifatch: Vigilante Hacker Infects Routers with Malware to Fight Bad Malware |
| 2015-10-01 00:10 | wifatch | @Symantec / Symantec Security Response - Is there an Internet-of-Things vigilante out there? |
| 2015-09-14 14:09 | kaiten | Jeff Jarmoc - RoR CVE-2013-0156 In the Wild - Jarmoc.com |
| 2015-09-01 20:09 | dirtycow | scumjr / GitHub - /dirtycow-vdso |
| 2015-09-01 20:09 | dirtycow | timwr / GitHub - /CVE-2016-5195 |
| 2015-09-01 20:09 | dirtycow | xlucas / GitHub - /dirtycow.cr |
| 2015-09-01 20:09 | mirai | jgamblin / GitHub - /Mirai-Source-Code |
| 2015-09-01 20:09 | wopbot | stamparm / GitHub - /hontel |
| 2015-09-01 20:09 | torlus | gh0std4ncer / GitHub - /lizkebab |
| 2015-06-24 05:06 | dirtycow | @github / Gist - PTRACE_POKEDATA variant of CVE-2016-5195 |
| 2015-05-20 09:05 | darlloz | BalicBilisim - Embedded Device Security & Zollard Botnet Analysis | Balich Information Security |
| 2015-04-26 21:04 | dirtycow | @github / Gist - dirtycow-mem.c |
| 2015-02-02 16:02 | darlloz | Neonprimetime / Pastebin - PHP Injection Attempt: 14.44.81.200 |
| 2015-01-09 00:01 | torlus | Brian Krebs - Lizard Stresser Runs on Hacked Home Routers — Krebs on Security |
| 2014-12-12 09:12 | dirtycow | dirtycow / GitHub - /.github.io |
| 2014-11-16 21:11 | wifatch | @loot_myself / l00t Myself - CASE 1 : Ifwatch Malware Part 2 |
| 2014-11-09 14:11 | wifatch | @loot_myself / l00t Myself - CASE 1 : ifwatch malware Part 1 |
| 2014-10-28 08:10 | kaiten | The Analysis Report About Relevant Malware Samples of Shellshock _V1.9 ——Series Two of Bash Shellshock - Antiy Labs | The Next Generation Anti-Virus Engine Innovator |
| 2014-09-26 21:09 | wopbot | Trend Micro / TrendLabs Security Intelligence Blog - Shellshock Vulnerability Used in Botnet Attacks |
| 2014-09-25 18:09 | wopbot | emgent / Twitter - 515200088067813376 |
| 2014-09-25 05:09 | torlus | tacticalmaid / Twitter - 515012126268604416 |
| 2014-08-14 08:08 | venom | Neo23x0 / GitHub - /signature-base |
| 2014-05-27 16:05 | dirtycow | rapid7 / GitHub - CVE-2016-5195 - DirtyCow privilege escalation by nixawk · Pull Request #7476 · /metasploit-framework |
| 2014-03-19 00:03 | darlloz | @Symantec / Symantec Security Response - IoT Worm Used to Mine Cryptocurrency |
| 2014-02-20 00:02 | darlloz | AVG Now - Linux.Aidra vs Linux.Darlloz: War of the Worms |
| 2014-02-20 00:02 | aidra | AVG Now - Linux.Aidra vs Linux.Darlloz: War of the Worms |
| 2014-01-27 08:01 | darlloz | Fortinet Blog - Malware or Spam Campaign on Internet of Things |
| 2013-12-09 15:12 | darlloz | @THEdarknet / Darknet - The Darkside - Linux.Darlloz Worm Targets x86 Linux PCs & Embedded Devices - Darknet |
| 2013-12-03 22:12 | darlloz | Andre M. DiMino - SemperSecurus - Hey Zollard, leave my Internet of Things alone! |
| 2013-11-27 00:11 | darlloz | @Symantec / Symantec Security Response - Linux Worm Targeting Hidden Devices |
| 2013-11-20 19:11 | wifatch | @DarkReading / Dark Reading - And Now A Malware Tool That Has Your Back |
| 2013-05-30 11:05 | kaiten | unixfreaxjp - Another story of Unix Trojan: Tsunami (IRC/Bot) w/ Flooder, Backdoor at a hacked xBSD via Web Panel Attack |
| 2013-04-10 16:04 | mirai | Sierra Wireless Mitigations Against Mirai Malware | ICS-CERT |
| 2008-12-19 08:12 | dirtycow | Dirty COW (CVE-2016-5195) |
| 2006-10-24 07:10 | dirtycow | @github / Gist - A dirty cow exploit that automatically finds the current user in passwd and changes it's uid to 0 |
| 2006-10-23 11:10 | dirtycow | @github / Gist - exploit for CVE-2016-5195 nothing fancy |
| 2006-10-23 11:10 | dirtycow | @github / Gist - CVE-2016-5195 (DirtyCow) Local Root PoC |
| 2005-10-03 00:10 | darlloz | Technical details of - Linux.Darlloz Worm - General Linux - Admin-Ahead Community |
| 2000-01-01 00:01 | sambacry | Waffles-2 / GitHub - /SambaCry |
| 2000-01-01 00:01 | sambacry | opsxcq / GitHub - /exploit-CVE-2017-7494 |
| 1984-01-11 08:01 | darlloz | linux binary « spamversand |