Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls - Arctic Wolf
Common Information
Type Value
UUID 40dd5c49-c316-4cfd-a17e-7d61ae549d00
Fingerprint 23a18895910dbfe8
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 10, 2025, 4:26 p.m.
Added to db Jan. 10, 2025, 11:38 p.m.
Last updated Jan. 19, 2025, 10:18 a.m.
Headline Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls
Title Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls - Arctic Wolf
Detected Hints/Tags/Attributes 84/2/30
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 16 Arctic Wolf https://arcticwolf.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 2
cve-2022-26118
Details File 2
add_backdoor_user.txt
Details MITRE ATT&CK Techniques 604
T1190
Details MITRE ATT&CK Techniques 58
T1136.001
Details MITRE ATT&CK Techniques 211
T1133
Details MITRE ATT&CK Techniques 47
T1078.001
Details MITRE ATT&CK Techniques 32
T1003.006