Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
Tags
country: China South Korea Thailand Philippines Vietnam Taiwan U.S. Virgin Islands
maec-delivery-vectors: Watering Hole
attack-pattern: Data Appdomainmanager - T1574.014 Cloud Services - T1021.007 Dll Side-Loading - T1574.002 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Web Services - T1583.006 Web Services - T1584.006 Dll Side-Loading - T1073
Show in Graph
Common Information
Type Value
UUID b200addf-b9cf-44f4-bf9f-cdec2e4f4031
Fingerprint 74c899154ea78f4b
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 23, 2024, 10:19 a.m.
Added to db Sept. 23, 2024, 8:37 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
Title Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
Detected Hints/Tags/Attributes 43/3/4
Source URLs
Redirection Url
Details Source https://thehackernews.com/2024/09/chinese-hackers-exploit-geoserver-flaw.html
URL Provider
Details Provider Source level domain
Details thehackernews.com thehackernews.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 118 The Hacker News https://feeds.feedburner.com/TheHackersNews 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 56 
cve-2024-36401
Details File 2 
eagle.dll
Details File 93 
curl.exe
Details Threat Actor Identifier - APT 522 
APT41