Trusted Design

New(ish) Mirai Spreader Poses New Risks

概要

A cross-platform win32-based Mirai spreader and botnet is in the wild and previously discussed publicly. However, there is much information confused together, as if an entirely new IoT bot is spreading to and from Windows devices. This is not the case. Instead, an accurate assessment is that a previously active Windows botnet is spreading a Mirai bot variant. So let’s make a level-headed assessment of what is really out there. The earliest we observed this spreader variant pushing Mirai downloaders was January 2017. But this Windows bot is not new. The Windows bot’s spreading method for Mirai is very limited as well – it only delivers the Mirai bots to a Linux host from a Windows host if it successfully brute forces a remote telnet connection. So we don’t have a sensational hop from Linux Mirai to Windows Mirai just yet, that’s just a silly statement.

Created: 2026-02-23

Indicators

類似Pulses

Mirai Botnet Infrastructure (score: 0.69)
Mirai IoT botnet (score: 0.63)
Mirai - An internet of things botnet (score: 0.63)
A new IoT Botnet is Spreading over HTTP 81 on a Large Scale (score: 0.63)
The Reaper is finally here and he has come for your IoT Devices Mjolnir Security (score: 0.62)

このPulseに関連する脅威アクター (事実ベース)

HAFNIUM

Score: 9.81

Matched TTPs:

T1027.008 - Stripped Payloads
T1049 - System Network Connections Discovery
T1548.006 - TCC Manipulation

MITREへのリンク →

APT5

Score: 5.49

Matched TTPs:

T1027.008 - Stripped Payloads
T1622 - Debugger Evasion

MITREへのリンク →

Ke3chang

Score: 6.19

Matched TTPs:

T1027.008 - Stripped Payloads
T1548.006 - TCC Manipulation

MITREへのリンク →

Axiom

Score: 9.81

Matched TTPs:

T1049 - System Network Connections Discovery
T1622 - Debugger Evasion
T1160 - Launch Daemon

MITREへのリンク →

Sandworm Team

Score: 5.96

Matched TTPs:

T1049 - System Network Connections Discovery
T1548.006 - TCC Manipulation

MITREへのリンク →

Volt Typhoon

Score: 7.61

Matched TTPs:

T1049 - System Network Connections Discovery
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

Contagious Interview

Score: 3.84

Matched TTPs:

T1562.010 - Downgrade Attack

MITREへのリンク →

BlackByte

Score: 5.49

Matched TTPs:

T1562.010 - Downgrade Attack
T1622 - Debugger Evasion

MITREへのリンク →

Gamaredon Group

Score: 8.38

Matched TTPs:

T1562.010 - Downgrade Attack
T1061 - Graphical User Interface

MITREへのリンク →

APT29

Score: 8.38

Matched TTPs:

T1556.008 - Network Provider DLL
T1218.009 - Regsvcs/Regasm

MITREへのリンク →

Scattered Spider

Score: 7.83

Matched TTPs:

T1556.008 - Network Provider DLL
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

LAPSUS$

Score: 6.19

Matched TTPs:

T1556.008 - Network Provider DLL
T1548.006 - TCC Manipulation

MITREへのリンク →

Fox Kitten

Score: 6.51

Matched TTPs:

T1097 - Pass the Ticket
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

HEXANE

Score: 4.17

Matched TTPs:

T1097 - Pass the Ticket
T1622 - Debugger Evasion

MITREへのリンク →

APT41

Score: 6.51

Matched TTPs:

T1097 - Pass the Ticket
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

OilRig

Score: 6.92

Matched TTPs:

T1097 - Pass the Ticket
T1128 - Netsh Helper DLL
T1622 - Debugger Evasion

MITREへのリンク →

Agrius

Score: 4.17

Matched TTPs:

T1097 - Pass the Ticket
T1622 - Debugger Evasion

MITREへのリンク →

APT39

Score: 4.17

Matched TTPs:

T1097 - Pass the Ticket
T1622 - Debugger Evasion

MITREへのリンク →

Dragonfly

Score: 6.51

Matched TTPs:

T1097 - Pass the Ticket
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

APT28

Score: 4.86

Matched TTPs:

T1097 - Pass the Ticket
T1548.006 - TCC Manipulation

MITREへのリンク →

Medusa Group

Score: 6.73

Matched TTPs:

T1128 - Netsh Helper DLL
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

Cobalt Group

Score: 4.39

Matched TTPs:

T1128 - Netsh Helper DLL
T1622 - Debugger Evasion

MITREへのリンク →

FIN6

Score: 6.73

Matched TTPs:

T1128 - Netsh Helper DLL
T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

FIN8

Score: 4.39

Matched TTPs:

T1128 - Netsh Helper DLL
T1622 - Debugger Evasion

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Wizard Spider

Score: 3.99

Matched TTPs:

T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

FIN13

Score: 3.99

Matched TTPs:

T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

menuPass

Score: 3.99

Matched TTPs:

T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

Chimera

Score: 3.99

Matched TTPs:

T1622 - Debugger Evasion
T1548.006 - TCC Manipulation

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

HAFNIUM

Score: 0.80

Matched TTPs:

T1548.006 - TCC Manipulation
T1027.008 - Stripped Payloads
T1049 - System Network Connections Discovery

MITREへのリンク →

Axiom

Score: 0.78

Matched TTPs:

T1622 - Debugger Evasion
T1160 - Launch Daemon
T1049 - System Network Connections Discovery

MITREへのリンク →

Scattered Spider

Score: 0.67

Matched TTPs:

T1622 - Debugger Evasion
T1556.008 - Network Provider DLL
T1548.006 - TCC Manipulation

MITREへのリンク →

Gamaredon Group

Score: 0.67

Matched TTPs:

T1562.010 - Downgrade Attack
T1061 - Graphical User Interface

MITREへのリンク →

APT29

Score: 0.66

Matched TTPs:

T1218.009 - Regsvcs/Regasm
T1556.008 - Network Provider DLL

MITREへのリンク →

Volt Typhoon

Score: 0.64

Matched TTPs:

T1622 - Debugger Evasion
T1548.006 - TCC Manipulation
T1049 - System Network Connections Discovery

MITREへのリンク →

Medusa Group

Score: 0.57

Matched TTPs:

T1622 - Debugger Evasion
T1548.006 - TCC Manipulation
T1128 - Netsh Helper DLL

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る