ioc[.]one - OSINT Cyber Threat Intelligence Database

Meet Muhstik - IoT Botnet Infecting Cloud Servers

Tags

country:	China
maec-delivery-vectors:	Watering Hole
attack-pattern:	Botnet - T1583.005 Botnet - T1584.005 Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Vulnerability Scanning - T1595.002

Show in Graph

Common Information

Type	Value
UUID	a31a8cb1-b9c3-4b34-a235-3ccae5d8815c
Fingerprint	948081c98dfc25f3
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 10, 2020, midnight
Added to db	Aug. 31, 2024, 10:04 a.m.
Last updated	Nov. 17, 2024, 5:56 p.m.
Headline	Meet Muhstik - IoT Botnet Infecting Cloud Servers
Title	Meet Muhstik - IoT Botnet Infecting Cloud Servers
Detected Hints/Tags/Attributes	56/3/42

Source URLs

	Redirection	Url
Details	Source	https://www.lacework.com/blog/meet-muhstik-iot-botnet-infecting-cloud-servers

URL Provider

Details	Provider	Source level domain
Details	lacework.com	www.lacework.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	326	✔	Lacework Blog	https://www.lacework.com/lacework_blog.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	66	cve-2019-2725
Details	CVE	81	cve-2017-10271
Details	CVE	56	cve-2018-7600
Details	Domain	4	irc.de-zahlung.eu
Details	Domain	3	irc.deutschland-zahlung.net
Details	Domain	1	irc.deutschland-zahlung.eu
Details	Domain	1	irc.shadow-mods.net
Details	Domain	1	xmr.shadow-mods.net
Details	Domain	2	irc.de
Details	Domain	2	cnc.changeme.com
Details	Domain	3	shadow-mods.net
Details	Domain	154	youtu.be
Details	Domain	3	jaygame.net
Details	Domain	3	fflyy.su
Details	Domain	3	kei.su
Details	Domain	1	ffly.su
Details	Domain	3	deutschland-zahlung.eu
Details	Domain	3	fd6fq54s6df541q23sdxfg.eu
Details	Domain	1	derpcity.ru
Details	Domain	3	pokemoninc.com
Details	Domain	768	www.youtube.com
Details	md5	1	d4cf8e4ab26f7fd15ef7df9f7937493d
Details	IPv4	4	159.89.156.190
Details	IPv4	5	167.99.39.134
Details	IPv4	3	128.199.251.119
Details	IPv4	1	188.213.174.29
Details	IPv4	3	185.86.148.14
Details	IPv4	2	185.165.171.78
Details	IPv4	4	46.149.233.35
Details	IPv4	4	185.61.149.22
Details	IPv4	4	68.66.253.100
Details	IPv4	2	173.255.240.191
Details	IPv4	1	51.210.8.207
Details	IPv4	2	162.249.2.189
Details	IPv4	2	185.62.137.56
Details	IPv4	1	77.233.160.103
Details	Url	2	http://159.89.156.190/.y/pty2
Details	Url	3	http://167.99.39.134/.x/pty3
Details	Url	1	http://128.199.251.119/.x/baste
Details	Url	1	http://188.213.174.29/wp-content/themes/twentysixteen/xmra64
Details	Url	1	https://youtu.be/dqw4w9wgxcq
Details	Url	1	https://www.youtube.com/watch?v=jzqy6ujxpcq