![]() ![]() The DDoS attack was launched by leveraging DanaBot to deliver a second-stage malware payload using the download and execute command.A threat actor using DanaBot has launched a Distributed Denial of Service (DDoS) attack against the Ukrainian Ministry of Defense’s webmail server.The DDoS attack payload was written and distributed similarly to the Ukrainian Ministry of Defense DDoS payload on March 2, 2022: Key Points ![]() ![]() Given the threat actor’s previous targeting, this seems like the likely target. The portal will be available to Russian citizens, including soldiers' families or acquaintances, to obtain information on the condition and whereabouts of prisoners.” “.an information resource of the Office of the National Security and Defense Council of Ukraine, which provides information about prisoners of war of the Russian Armed Forces who have invaded the territory of Ukraine since February 24, 2022. This site claims to be (Google translated): According to Passive DNS data, this IP address has recently been associated with invaders-rfcom. DanaBot affiliate ID 5 has stopped DDoSing the Ukrainian Ministry of Defense’s webmail server and started DDoSing a hardcoded IP address, 158.
0 Comments
Leave a Reply. |