Trusted Design

NetGear Bug Weaponized to a full blown IOT Botnet loader and shared in hacking forums

概要

We have discovered that Bug 60281 in two NetGear routers has been weaponized to a full blown IOT botnet loader and is been shared in hacking forums. One common trend in Cybersecurity is that if there is a good working proof of concept of an exploit , it’s just a matter of time that it will be abused by attackers. We see a similar trend now in IOT exploits.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

NCCIC / US-CERT: IB-17-20217-Indicators Related to IOT_Reaper Malware (score: 0.66)
Gafgyt botnet (score: 0.65)
Exploitkit (gateways) (april 2016) (score: 0.61)
Linux/IRCTelnet (new Aidra) - A DDoS botnet aims IoT w/ IPv6 ready (score: 0.60)
Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit (score: 0.59)

このPulseに関連する脅威アクター (事実ベース)

Mustang Panda

Score: 9.32

Matched TTPs:

T1557 - Adversary-in-the-Middle
T1608.001 - Upload Malware
T1583.006 - Web Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

Kimsuky

Score: 16.10

Matched TTPs:

T1557 - Adversary-in-the-Middle
T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1588.005 - Exploits
T1078.003 - Local Accounts

MITREへのリンク →

Sea Turtle

Score: 9.47

Matched TTPs:

T1557 - Adversary-in-the-Middle
T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution
T1078.003 - Local Accounts

MITREへのリンク →

Volt Typhoon

Score: 14.59

Matched TTPs:

T1584.008 - Network Devices
T1069 - Permission Groups Discovery
T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1124 - System Time Discovery

MITREへのリンク →

APT28

Score: 23.05

Matched TTPs:

T1584.008 - Network Devices
T1190 - Exploit Public-Facing Application
T1557.004 - Evil Twin
T1583.006 - Web Services
T1210 - Exploitation of Remote Services
T1039 - Data from Network Shared Drive
T1203 - Exploitation for Client Execution
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

ZIRCONIUM

Score: 8.23

Matched TTPs:

T1584.008 - Network Devices
T1583.006 - Web Services
T1124 - System Time Discovery

MITREへのリンク →

Leviathan

Score: 6.59

Matched TTPs:

T1584.008 - Network Devices
T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT41

Score: 6.25

Matched TTPs:

T1069 - Permission Groups Discovery
T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution

MITREへのリンク →

Scattered Spider

Score: 3.29

Matched TTPs:

T1069 - Permission Groups Discovery

MITREへのリンク →

TA505

Score: 5.26

Matched TTPs:

T1069 - Permission Groups Discovery
T1608.001 - Upload Malware

MITREへのリンク →

APT3

Score: 4.78

Matched TTPs:

T1069 - Permission Groups Discovery
T1203 - Exploitation for Client Execution

MITREへのリンク →

FIN13

Score: 4.76

Matched TTPs:

T1069 - Permission Groups Discovery
T1190 - Exploit Public-Facing Application

MITREへのリンク →

HAFNIUM

Score: 13.61

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1583.006 - Web Services
T1078.003 - Local Accounts

MITREへのリンク →

APT5

Score: 5.31

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Ke3chang

Score: 5.31

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Sandworm Team

Score: 8.56

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1203 - Exploitation for Client Execution

MITREへのリンク →

TA2541

Score: 3.99

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services

MITREへのリンク →

Earth Lusca

Score: 11.82

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1210 - Exploitation of Remote Services
T1584.006 - Web Services

MITREへのリンク →

OilRig

Score: 3.47

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

LazyScripter

Score: 3.99

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services

MITREへのリンク →

Gamaredon Group

Score: 7.02

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1039 - Data from Network Shared Drive

MITREへのリンク →

Threat Group-3390

Score: 7.68

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

BlackByte

Score: 3.44

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application

MITREへのリンク →

BITTER

Score: 3.47

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT32

Score: 8.14

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1078.003 - Local Accounts

MITREへのリンク →

Saint Bear

Score: 5.48

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

Contagious Interview

Score: 3.99

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services

MITREへのリンク →

FIN7

Score: 13.46

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1210 - Exploitation of Remote Services
T1124 - System Time Discovery
T1078.003 - Local Accounts

MITREへのリンク →

EXOTIC LILY

Score: 3.47

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

Ember Bear

Score: 9.84

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution
T1588.005 - Exploits

MITREへのリンク →

Magic Hound

Score: 3.48

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1583.006 - Web Services

MITREへのリンク →

Medusa Group

Score: 3.48

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1583.006 - Web Services

MITREへのリンク →

Fox Kitten

Score: 7.25

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1210 - Exploitation of Remote Services
T1039 - Data from Network Shared Drive

MITREへのリンク →

menuPass

Score: 7.25

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1210 - Exploitation of Remote Services
T1039 - Data from Network Shared Drive

MITREへのリンク →

Winter Vivern

Score: 5.09

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1584.006 - Web Services

MITREへのリンク →

APT29

Score: 7.64

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1078.003 - Local Accounts

MITREへのリンク →

UNC3886

Score: 5.56

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Dragonfly

Score: 5.71

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

Axiom

Score: 11.12

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1203 - Exploitation for Client Execution
T1001.002 - Steganography

MITREへのリンク →

Play

Score: 4.14

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1078.003 - Local Accounts

MITREへのリンク →

MuddyWater

Score: 7.72

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

MoustachedBouncer

Score: 4.54

Matched TTPs:

T1659 - Content Injection

MITREへのリンク →

Turla

Score: 10.89

Matched TTPs:

T1583.006 - Web Services
T1584.006 - Web Services
T1124 - System Time Discovery
T1078.003 - Local Accounts

MITREへのリンク →

Lazarus Group

Score: 6.10

Matched TTPs:

T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Confucius

Score: 3.51

Matched TTPs:

T1583.006 - Web Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

Tonto Team

Score: 4.24

Matched TTPs:

T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

RedCurl

Score: 3.03

Matched TTPs:

T1039 - Data from Network Shared Drive

MITREへのリンク →

BRONZE BUTLER

Score: 7.12

Matched TTPs:

T1039 - Data from Network Shared Drive
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Sowbug

Score: 3.03

Matched TTPs:

T1039 - Data from Network Shared Drive

MITREへのリンク →

Chimera

Score: 5.63

Matched TTPs:

T1039 - Data from Network Shared Drive
T1124 - System Time Discovery

MITREへのリンク →

CURIUM

Score: 6.21

Matched TTPs:

T1584.006 - Web Services
T1124 - System Time Discovery

MITREへのリンク →

Sidewinder

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

The White Company

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Higaisa

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Tropic Trooper

Score: 4.16

Matched TTPs:

T1203 - Exploitation for Client Execution
T1078.003 - Local Accounts

MITREへのリンク →

Darkhotel

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

DarkVishnya

Score: 4.54

Matched TTPs:

T1200 - Hardware Additions

MITREへのリンク →

APT38

Score: 4.54

Matched TTPs:

T1036.006 - Space after Filename

MITREへのリンク →

Velvet Ant

Score: 6.80

Matched TTPs:

T1078.003 - Local Accounts
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.80

Matched TTPs:

T1583.006 - Web Services
T1211 - Exploitation for Defense Evasion
T1557.004 - Evil Twin
T1210 - Exploitation of Remote Services
T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution
T1584.008 - Network Devices
T1039 - Data from Network Shared Drive

MITREへのリンク →

Kimsuky

Score: 0.57

Matched TTPs:

T1557 - Adversary-in-the-Middle
T1583.006 - Web Services
T1608.001 - Upload Malware
T1588.005 - Exploits
T1190 - Exploit Public-Facing Application
T1078.003 - Local Accounts

MITREへのリンク →

Volt Typhoon

Score: 0.55

Matched TTPs:

T1584.005 - Botnet
T1124 - System Time Discovery
T1069 - Permission Groups Discovery
T1190 - Exploit Public-Facing Application
T1584.008 - Network Devices

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る