Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence
Tags
attack-pattern: Data Botnet - T1583.005 Botnet - T1584.005 Confluence - T1213.001 Exploits - T1587.004 Exploits - T1588.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Template Injection - T1221
Show in Graph
Common Information
Type Value
UUID 0888d467-3fc6-47b1-b82d-7020d9d0f443
Fingerprint ac4d09dce03f0e89
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 30, 2024, midnight
Added to db Aug. 31, 2024, 6:27 a.m.
Last updated Nov. 5, 2024, 10:49 a.m.
Headline Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence
Title Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence
Detected Hints/Tags/Attributes 51/1/4
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/en_us/research/24/h/godzilla-fileless-backdoors.html?&web_view=true
Details Source https://www.trendmicro.com/en_us/research/24/h/godzilla-fileless-backdoors.html
Details Source https://www.trendmicro.com/en_ca/research/24/h/godzilla-fileless-backdoors.html
Details Source https://www.trendmicro.com/en_se/research/24/h/godzilla-fileless-backdoors.html
Details Source https://www.trendmicro.com/en_gb/research/24/h/godzilla-fileless-backdoors.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 99 Cyware News - Latest Cyber News https://cyware.com/allnews/feed 2024-08-30 22:08
Details 119 Trend Micro Research, News and Perspectives https://feeds.feedburner.com/TrendMicroSimplySecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 34 
cve-2023-22527
Details File 9 
backdoor.js
Details sha1 2 
dfeccdc0c1d28f1afd64a7bb328754d07eead10c
Details sha1 2 
2cb94ce0b147303b7beb91f034d0dc7fa734dbcb