Update: CVE-2024-4577 quickly weaponized to distribute Ransomware

· Published 11/06/2024 10:13 · Modified 11/06/2024 10:31

Essential information

Tags
2024-06-11 CVE-2024-4577 encryption exploit infection ransomware tellyouthepass
Related entities
5 vulnerabilities (cve), 5 observables, 11 techniques (mitre), 1 malware

Description

The report describes an attack campaign leveraging the vulnerability to deliver the "" . The attackers use the vulnerability to execute arbitrary PHP code and run a malicious HTML application that loads a .NET variant of the into memory. Upon execution, the contacts a command-and-control server, enumerates directories, terminates processes, encrypts files, and leaves a ransom note.

External references