216.73.217.176

Who You Gonna Call? AndroxGh0st Busters!

· Published 17/07/2024 07:34 · Modified 17/07/2024 07:58

Export JSON

Essential information

Published
17/07/2024 07:34
Modified
17/07/2024 07:58
Tags
2024-07-17 CVE-2017-9841 CVE-2018-15133 CVE-2021-41773 androxgh0st botnet credential-theft python rce exploitation web exploitation
Related entities
3 vulnerabilities (cve), 7 observables, 1 intrusion sets (apt), 9 techniques (mitre), 1 malware

Description

This report discusses the malware, a -scripted threat targeting Laravel web applications to steal sensitive data like credentials and abuse other functionality. It exploits vulnerabilities like , , and . The malware scans for exposed .env files containing credentials and uses techniques like remote code execution to gain access. Mitigations include keeping systems updated, secure configurations, credential management, network security, and scanning for malicious files.

External references