Trusted Design

New(ish) Mirai Spreader Poses New Risks

概要

A cross-platform win32-based Mirai spreader and botnet is in the wild and previously discussed publicly. However, there is much information confused together, as if an entirely new IoT bot is spreading to and from Windows devices. This is not the case. Instead, an accurate assessment is that a previously active Windows botnet is spreading a Mirai bot variant. So let’s make a level-headed assessment of what is really out there. The earliest we observed this spreader variant pushing Mirai downloaders was January 2017. But this Windows bot is not new. The Windows bot’s spreading method for Mirai is very limited as well – it only delivers the Mirai bots to a Linux host from a Windows host if it successfully brute forces a remote telnet connection. So we don’t have a sensational hop from Linux Mirai to Windows Mirai just yet, that’s just a silly statement.

Created: 2026-02-23

Indicators

類似Pulses

Mirai Botnet Infrastructure (score: 0.69)
Mirai IoT botnet (score: 0.63)
Mirai - An internet of things botnet (score: 0.63)
A new IoT Botnet is Spreading over HTTP 81 on a Large Scale (score: 0.63)
The Reaper is finally here and he has come for your IoT Devices Mjolnir Security (score: 0.62)

このPulseに関連する脅威アクター (事実ベース)

HAFNIUM

Score: 9.81

Matched TTPs:

T1583.005 - Botnet
T1584.005 - Botnet
T1003.003 - NTDS

MITREへのリンク →

APT5

Score: 5.49

Matched TTPs:

T1583.005 - Botnet
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Ke3chang

Score: 6.19

Matched TTPs:

T1583.005 - Botnet
T1003.003 - NTDS

MITREへのリンク →

Axiom

Score: 9.81

Matched TTPs:

T1584.005 - Botnet
T1021.001 - Remote Desktop Protocol
T1001.002 - Steganography

MITREへのリンク →

Sandworm Team

Score: 5.96

Matched TTPs:

T1584.005 - Botnet
T1003.003 - NTDS

MITREへのリンク →

Volt Typhoon

Score: 7.61

Matched TTPs:

T1584.005 - Botnet
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

Contagious Interview

Score: 3.84

Matched TTPs:

T1480 - Execution Guardrails

MITREへのリンク →

BlackByte

Score: 5.49

Matched TTPs:

T1480 - Execution Guardrails
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Gamaredon Group

Score: 8.38

Matched TTPs:

T1480 - Execution Guardrails
T1001 - Data Obfuscation

MITREへのリンク →

APT29

Score: 8.38

Matched TTPs:

T1621 - Multi-Factor Authentication Request Generation
T1090.004 - Domain Fronting

MITREへのリンク →

Scattered Spider

Score: 7.83

Matched TTPs:

T1621 - Multi-Factor Authentication Request Generation
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

LAPSUS$

Score: 6.19

Matched TTPs:

T1621 - Multi-Factor Authentication Request Generation
T1003.003 - NTDS

MITREへのリンク →

Fox Kitten

Score: 6.51

Matched TTPs:

T1110 - Brute Force
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

HEXANE

Score: 4.17

Matched TTPs:

T1110 - Brute Force
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT41

Score: 6.51

Matched TTPs:

T1110 - Brute Force
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

OilRig

Score: 6.92

Matched TTPs:

T1110 - Brute Force
T1573.002 - Asymmetric Cryptography
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Agrius

Score: 4.17

Matched TTPs:

T1110 - Brute Force
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT39

Score: 4.17

Matched TTPs:

T1110 - Brute Force
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Dragonfly

Score: 6.51

Matched TTPs:

T1110 - Brute Force
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

APT28

Score: 4.86

Matched TTPs:

T1110 - Brute Force
T1003.003 - NTDS

MITREへのリンク →

Medusa Group

Score: 6.73

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

Cobalt Group

Score: 4.39

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

FIN6

Score: 6.73

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

FIN8

Score: 4.39

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Wizard Spider

Score: 3.99

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

FIN13

Score: 3.99

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

menuPass

Score: 3.99

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

Chimera

Score: 3.99

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

HAFNIUM

Score: 0.80

Matched TTPs:

T1584.005 - Botnet
T1583.005 - Botnet
T1003.003 - NTDS

MITREへのリンク →

Axiom

Score: 0.78

Matched TTPs:

T1584.005 - Botnet
T1001.002 - Steganography
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Scattered Spider

Score: 0.67

Matched TTPs:

T1003.003 - NTDS
T1021.001 - Remote Desktop Protocol
T1621 - Multi-Factor Authentication Request Generation

MITREへのリンク →

Gamaredon Group

Score: 0.67

Matched TTPs:

T1480 - Execution Guardrails
T1001 - Data Obfuscation

MITREへのリンク →

APT29

Score: 0.66

Matched TTPs:

T1090.004 - Domain Fronting
T1621 - Multi-Factor Authentication Request Generation

MITREへのリンク →

Volt Typhoon

Score: 0.64

Matched TTPs:

T1584.005 - Botnet
T1003.003 - NTDS
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Medusa Group

Score: 0.57

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1003.003 - NTDS
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る