Dragon RaaS
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 12:24
- Modified
- 21/12/2025 12:24
- Updated at
- 21/12/2025 12:24
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 1 reports, 13 attack patterns (mitre), 2 malware, 2 sectors, 11 countries, 2 indicators, 10 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
-
13 MITREs 2 Malwares 1 APT
Attack patterns (MITRE) (13)
-
T1071 usesApplication Layer Protocol MITRE
-
T1078 usesValid Accounts MITRE
-
T1490 usesInhibit System Recovery MITRE
-
T1102 usesWeb Service MITRE
-
T1110 usesBrute Force MITRE
-
T1505.003 usesWeb Shell MITRE
-
T1027 usesObfuscated Files or Information MITRE
-
T1573.001 usesSymmetric Cryptography MITRE
-
T1566 usesPhishing MITRE
-
T1486 usesData Encrypted for Impact MITRE
-
T1190 usesExploit Public-Facing Application MITRE
-
T1059.001 usesPowerShell MITRE
Malware (2)
-
Dragon RaaS usesFamily
-
StormCry usesFamily
Sectors (2)
-
Education targets
-
Government targets
Countries (11)
-
Iran, Islamic Republic of targets
-
Canada targets
-
Israel targets
-
United Kingdom of Great Britain and Northern Ireland targets
-
Yemen targets
-
Italy targets
-
United States of America targets
-
France targets
-
Germany targets
-
Ukraine targets
-
Netherlands targets
Indicators (2)
-
96ba3ba94db07e895090cdaca701a922523649cf6d6801b358c5ff62416be9faindicates -
jso-tools.z-x.my.idindicates
Vulnerabilities (CVE) (10)
The Slider Revolution WordPress plugin through 6.6.12 does not check for valid image files upon import, leading to an arbitrary file upload …
- Attack vector
- NETWORK
- Published
- 19/06/2023
- Modified
- 21/12/2025
The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation …
- Attack vector
- Network
- Complexity
- Low
- Published
- 05/02/2024
- Modified
- 08/04/2026
Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from …
- Attack vector
- NETWORK
- Published
- 27/10/2022
- Modified
- 21/12/2025
Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. This affects 1.7.0 versions …
- Attack vector
- NETWORK
- Published
- 27/10/2022
- Modified
- 21/12/2025
The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.0.9 …
- Attack vector
- Network
- Complexity
- Low
- Published
- 14/05/2024
- Modified
- 08/04/2026
The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 …
- Attack vector
- Network
- Complexity
- Low
- Published
- 14/05/2024
- Modified
- 08/04/2026
The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'porto_ajax_posts' …
- Attack vector
- NETWORK
- Published
- 14/05/2024
- Modified
- 21/12/2025
Unrestricted Upload of File with Dangerous Type vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a through 6.6.15.
- Attack vector
- NETWORK
- Published
- 20/12/2023
- Modified
- 21/12/2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects …
- Attack vector
- Network
- Complexity
- Low
- Published
- 05/10/2024
- Modified
- 27/04/2026
The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via 'porto_page_header_shortcode_type', 'slideshow_type' …
- Attack vector
- NETWORK
- Published
- 14/05/2024
- Modified
- 21/12/2025