UNK_MassTraction
· Published 07/07/2026 16:16 · Modified 07/07/2026 16:16
· Source: AlienVault
Essential information
- Confidence
- 100/100
- Published
- 07/07/2026 16:16
- Modified
- 07/07/2026 16:16
- Updated at
- 07/07/2026 16:16
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 4 malware, 1 sectors, 2 countries, 6 indicators, 3 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Malware (4)
-
VSHELL usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
IceCube usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
SquareShell usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
SNOWLIGHT usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Sectors (1)
-
Education targets
Countries (2)
-
Canada targets
-
United States of America targets
Indicators (6)
-
stix 100/100· Valid until 05/08/2026 · Source: AlienVault
-
stix 100/100· Valid until 05/08/2026 · Source: AlienVault
-
45.150.109.151indicatesstix 100/100CC=BG ASN=AS57844 spdnet telekomunikasyon hizmetleri bilgi teknolojileri taahhut sanayi ve ticaret a.s.
· Valid until 31/07/2026 · Source: AlienVault -
45.86.229.111indicatesstix 100/100CC=US ASN=AS62005 bluevps ou
· Valid until 31/07/2026 · Source: AlienVault -
stix 100/100· Valid until 03/07/2027 · Source: AlienVault
-
194.213.18.133indicatesstix 100/100CC=GB ASN=ASNone
· Valid until 31/07/2026 · Source: AlienVault
Vulnerabilities (CVE) (3)
9.3
Critical
RoundCube Webmail contains a cross-site scripting vulnerability. This vulnerability could allow a remote attacker to steal and send emails of a victim …
- Attack vector
- Network
- Published
- 09/06/2025
- Modified
- 21/12/2025
9.9
Critical
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL …
- Attack vector
- NETWORK
- Published
- 02/06/2025
- Modified
- 26/02/2026
9.4
Critical
Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection.
- Attack vector
- Network
- Published
- 26/05/2023
- Modified
- 21/12/2025