Smargaft Harnesses EtherHiding for Stealthy C2 Hosting [Monday, February 05, 2024]

Description :
Smargaft uses the Binance Smart Chain to host its command and control (C2) server, and it spreads through shell scripts to keep itself going. Because of its smart use of contracts and Gafgyt's methods, we've decided to call it Smargaft. It mainly carries out DDoS attacks, runs system commands, and lets users connect anonymously through a SOCKS5 proxy.

Published : 2024-02-05 14:30:13
Created : 2024-02-05 14:30:13
Modified : 2024-02-05 14:39:10

Indicators

IPv4s :
Malwares :
  • Smargaft
Hashes :
  • 9ebcac15e36dd79439d5f92febf1933e0a68e75cc1e9eecb6369e4b3317e2949
MITRE ATT&CK Techniques :
Other observables :
  • CVE-2013-5948
  • CVE-2020-8515

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
