Araneida Scanner: Cracked Acunetix Web App & API Scanner Discovered
Essential information
- Published
- 20/12/2024 08:49
- Modified
- 20/12/2024 11:42
- Tags
- 2024-12-20 araneida scanner cracked acunetix credential-theft data scraping reconnaissance telegram web vulnerability
- Related entities
- 13 observables, 10 techniques (mitre), 1 malware, 5 others
Description
Silent Push Threat Analysts have uncovered the Araneida Scanner, a cracked version of Acunetix being used for illegal purposes. The scanner is employed for offensive reconnaissance, user data scraping, and vulnerability exploitation. It was detected during a partner's reconnaissance effort, prompting an investigation. The tool is being promoted on Telegram, where actors boast about taking over thousands of websites and selling stolen credentials. A separate Chinese-language panel, also likely using cracked Acunetix software, was discovered. Both tools pose significant threats for reconnaissance prior to sophisticated attacks. The investigation revealed multiple IP addresses hosting Araneida customer panels and the continued sale of the scanner through a specific domain.