8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency
Tags
country: Russia
maec-delivery-vectors: Watering Hole
attack-pattern: Data Botnet - T1583.005 Botnet - T1584.005 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Tool - T1588.002 Brute Force - T1110 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 16a728e6-fa00-4a2e-a7c6-3d6a99389168
Fingerprint 922dbd319537ab27
Analysis status DONE
Considered CTI value 1
Text language
Published May 18, 2023, 3:01 p.m.
Added to db May 25, 2023, 1:27 a.m.
Last updated Oct. 16, 2024, 1:34 a.m.
Headline 8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency
Title 8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency
Detected Hints/Tags/Attributes 49/3/4
Source URLs
Redirection Url
Details Source https://thehackernews.com/2023/05/8220-gang-exploiting-oracle-weblogic.html
URL Provider
Details Provider Source level domain
Details thehackernews.com thehackernews.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 118 The Hacker News https://feeds.feedburner.com/TheHackersNews 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 14 
cve-2017-3506
Details Domain 5 
work.letmaker.top
Details Domain 3 
su-94.letmaker.top
Details IPv4 7 
179.43.155.202