Exploring FBot | Python-Based Malware Targeting Cloud and Payment Services [Thursday, January 11, 2024]


Description :
FBot is a Python-based hacking tool distinct from other cloud malware families, targeting web servers, cloud services, and SaaS platforms like AWS, Office365, PayPal, Sendgrid, and Twilio. FBot does not utilize the widely-used Androxgh0st code but shares similarities with the Legion cloud infostealer in functionality and design.

Key features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various SaaS accounts.

FBot is characterized by a smaller footprint compared to similar tools, indicating possible private development and a more targeted distribution approach.

Published: 2024-01-11 23:19:38
Created: 2024-01-11 23:19:38
Modified: 2024-01-11 23:24:15

Indicators

URLs :
  • www.robertkalinkin.com
Hashes :
  • c92c112dfc91a72d7293772b741c2eab3bc42ee539ed5881f2edcc3e5cb669f3
About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports