- CREATED 1 DAY AGO
- MODIFIED 19 HOURS AGO by AlienVault
- Public
- TLP: White
Guardicore reveals new details in the Indexsinas SMB worm, which infects servers across the world and threatens the security of the entire internet, and is being used to propagate the attack.
REFERENCES: https://www.guardicore.com/labs/smb-wormindexsinas/https://github.com/guardicore/labs_campaigns/blob/master/Indexsinas/files.md
TAGS:doublepulsar, indexsinas, equation group, Worm, SMB, EternalBlue, NSABuffMiner
INDUSTRIES:Telecommunication, Government, Medical, Telecommunications, Education, Hospitality, Healthcare
MALWARE FAMILIES:DoublePulsar, Equation, Indexsinas
ATT&CK IDS:T1036 – Masquerading, T1040 – Network Sniffing, T1046 – Network Service Scanning, T1053 – Scheduled Task/Job, T1055 – Process Injection, T1059 – Command and Scripting Interpreter, T1187 – Forced Authentication