April 26, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Kraken and LockerGoga Ransomware – IoCs
January 1, 2020Rewterz Threat Alert – New Tactics to Bypass Email Spam Filters for Delivering Sextortion Scams
January 2, 2020Rewterz Threat Alert – Kraken and LockerGoga Ransomware – IoCs
January 1, 2020Rewterz Threat Alert – New Tactics to Bypass Email Spam Filters for Delivering Sextortion Scams
January 2, 2020
Severity
Medium
Analysis summary
Ouija malware is similar to the Mirai botnet. The exploit source attempts to create a web shell and install malware with wget command. Mirai botnet is a malware that turns networked devices running Linux into remotely controlled bots that can be used as part of a botnet in large-scale network attacks. Ouija may take over unsecure IoT devices for the same purpose. Its C&C was detected to be 212[.]237[.]46[.]158.
Impact
- DDoS
- Information Theft
- Taking over of IoT devices
Indicators of Compromise
Source IP
- 212.237.46[.]158
- 39.109.161[.]146
URL
- hxxp[:]//212.237.46.158/mipsel
Remediation
Block the threat indicators at their respective controls.