FudModule Rootkit Targets Crypto - Cyble
Tags
country: North Korea
attack-pattern: Data Direct Exploits - T1587.004 Exploits - T1588.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Multi-Factor Authentication - T1556.006 Software - T1592.002 Rootkit - T1014 Rootkit
Show in Graph
Common Information
Type Value
UUID ade1ebbf-42fa-4eeb-ad42-4dd4faa62870
Fingerprint 8c8211958ab1bfa5
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 4, 2024, 4:04 a.m.
Added to db Sept. 4, 2024, 4:19 p.m.
Last updated Nov. 12, 2024, 11:52 a.m.
Headline FudModule Rootkit Targets Crypto, Linked to North Korean Citrine Sleet Group
Title FudModule Rootkit Targets Crypto - Cyble
Detected Hints/Tags/Attributes 42/2/5
Source URLs
Redirection Url
Details Source https://cyble.com/blog/fudmodule-rootkit-targets-crypto-linked-to-north-korean-citrine-sleet-group/
URL Provider
Details Provider Source level domain
Details cyble.com cyble.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 98 Cyble https://cyble.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 57 
cve-2024-7971
Details CVE 23 
cve-2024-21338
Details CVE 37 
cve-2024-38193
Details Domain 12 
voyagorclub.space
Details Mandiant Uncategorized Groups 59 
UNC4736