Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: New telnet attack? command injection against telnet... - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New telnet attack? command injection against telnet...
Hello Eric,

Could be a buggy bot script?
The set of commands sent as username is coming from the classic Gafgyt malware…
Could you share the IP addresses with me please?

KR,
Xme

263 Posts
ISC Handler
I don't think so. That malware apparently tries a dictionary attack and if it suceeds THEN it sends commands. At least according to what little I could find. Do you have decent writeup someplace? EricWedaa

4 Posts

Sign Up for Free or Log In to start participating in the conversation!