Glutton: A New Zero-Detection PHP Backdoor from Winnti Targets Cybercrimals

blog.xlab.qianxin.com

Glutton: A New Zero-Detection PHP Backdoor from Winnti Targets Cybercrimals

blog.xlab.qianxin.com

🃏Joker to

cybersecurity@infosec.pub · 5 days ago

Introduction On April 29, 2024, XLab's Cyber Threat Insight and Analysis System(CTIA) detected anomalous activity: IP 172.247.127.210 was distributing an ELF-based Winnti backdoor. Further investigation revealed the same IP had, on December 20, 2023, distributed a zero-detection malicious PHP file, init_task.txt, providing a key

You must log in or register to comment.

Chat