Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: New telnet attack? command injection against telnet... - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New telnet attack? command injection against telnet...
Hello Eric,

Could be a buggy bot script?
The set of commands sent as username is coming from the classic Gafgyt malware…
Could you share the IP addresses with me please?

KR,
Xme

305 Posts
ISC Handler
I don't think so. That malware apparently tries a dictionary attack and if it suceeds THEN it sends commands. At least according to what little I could find. Do you have decent writeup someplace? EricWedaa

4 Posts

Sign Up for Free or Log In to start participating in the conversation!