FedSearch - Federated network search engine

da_667 · @da_667

3107 followers · 195 posts · Server infosec.exchange

Interestingly enough, the second bot, GoTrim uses a very unique user-agent for doing external IP address checks against a number of "what's my IP address" services, with a very unique user-agent: go-external-ip

We already have a rule for that -- 2030468 go-external-ip library User-Agent

#Malware #Ransomware #ThreatIntel #iocs #iocexchange #Snort #Suricata #NSM #ThreatHunting #GoTrim #CIARansomware

#malware #ransomware #threatintel #iocs #iocexchange #snort #suricata #nsm #threathunting #gotrim #ciaransomware

Last updated 3 years ago

Original post

securityaffairs · @securityaffairs

161 followers · 96 posts · Server infosec.exchange

#GoTrim #botnet actively brute forces #WordPress and #OpenCart sites
https://securityaffairs.co/wordpress/139647/malware/gotrim-botnet-wordpress.html
#securityaffairs #hacking

#gotrim #botnet #wordpress #OpenCart #securityaffairs #hacking

Last updated 3 years ago

Original post

Redhotcyber · @redhotcyber

264 followers · 213 posts · Server mastodon.bida.im

Open media

Il nuova botnet GoTrim prende di mira gli account di amministrazione di WordPress

Gli specialisti di #Fortinet hanno scoperto un nuovo #malware chiamato #GoTrim il quale è stato scritto in #Go e sta scansionando Internet alla ricerca di siti #WordPress per forzare la #password degli #amministratori del sito e ottenerne il controllo.