?????????1??????????17?????????? ??????????17???????????,????????

??????

2024??????????????????????12?18?,????CNCERT?????(

??????????????????????????????

(???)???????????????????

2024?????8???????19????????,??????????????,????????????????/??2024????8???21????,?/????????????????

(????????????????)???????

2024?8??????????????21?12????????????????,????????,???????????????????????,???????????????????,??/xxx/xxxx?flag=syn_user_policy??,?/xxx/xxxStats?

(??????)??

2024???????????????????????11?6???????????????2024??????11?8?2024?11??????????16??????,????????????????276????????????????????????????????????????????

?????????????????

(?)??

?????IP?,?,????,???,???????

(?????????????)?

2024??????11??????????????6?11???????????????????????16????,?3??????IP????????,??????,?????????????,??????????????????????????????????????????,??????????,????????4.98GB?

??????????????????????????

(???????????????)????

????,??22???????????8?????????,???????????10?????????????????20???????????????,??????????????????????????????????,??????????????????????

(?)?????????????????????????????????

??????????????5?????????????IP??????????????,????????,???????????

(?)??????????

????????????,???????,??????????????

???????????????????????????,??????????,??

(?????????????)?????????

?????????????????,??????,?,?276?,???????????????????????????,??????????????????????????

??????????IP??????????????????????

????????????

2024?12?18??????????????,??CNCERT?(

???????????????

(?????)???

???????????????Exchange????????????????????????2?????????Exchange?,??????,???????????????????,?????????????

(??)??????????

?,?2???????????????,???????????????????????,??????????,?/owa/auth/xxx/xx.aspx??????????????????????????????/owa/auth/xxx/yy.aspx,??????????????,???????????????,??

(?)????????????30???????

??,????,?????,????????????????SSH?SMB?????????????30??????????????????????????????????;?????????,???????????????????????????????????????????????,??????????????websocket+SSH??????????????????????????,?????????????????????,??????????????????WeChatxxxxxxxx.exe?????2?PIPE????,????????????????

????????????

(?)???????????

?,????????????????,???????????,?,?????????????????,???

(????)?

??3??????????????????????,?????????????????????????????,2023????????????????????5???????2???????????,??(95.179.XX.XX)???????,?,???????????????????,??????,????“?????”?“?”?“??????????”?“????????(?????+????)”?“?IP?”?“???????????????????????????”????

(?)?????

??????????,?????????????????????????,2023??????????7??????????????26?,???????????????????(65.21.XX.XX)?,???,??,?????????????,?1.03GB??,?????????“?????”??????????????“tip4XXXXXXXX.php”?

(?????)??

???????????????????????,???????????,???????????,??????????????????????????????????????????????????????????SSH?????????,???????????????????????????,????

???????

(?)?

?,??22???????8???????,????????????????????????10??20?????????,????,??

(???????????)???????????

2023????????????5???????????????2023?????????????????10?,????????????????????????????30?,?IP?,?????

(??????)????????

??????????????2?????PIPE????“c:\windows\system32\”????,???????????????????.net?,??,????KB,????????TLS????????????????????????????????,?????https???????????,????????websocket+SSH?????,???

????IP???

?????????????:????? “??????100???”_????

?? ???????????????????????:?????????

???????????????????????:?????????
??
2025-01-18 05:39:38

????:1???????100???:??92?

2??????????

3?????????

4?????

5???????500?4???

?????????1??????????17?????????? ??????????17???????????,????????

??????

2024??????????????????????12?18?,????CNCERT?????(

??????????????????????????????

(???)???????????????????

2024?????8???????19????????,??????????????,????????????????/??2024????8???21????,?/????????????????

(????????????????)???????

2024?8??????????????21?12????????????????,????????,???????????????????????,???????????????????,??/xxx/xxxx?flag=syn_user_policy??,?/xxx/xxxStats?

(??????)??

2024???????????????????????11?6???????????????2024??????11?8?2024?11??????????16??????,????????????????276????????????????????????????????????????????

?????????????????

(?)??

?????IP?,?,????,???,???????

(?????????????)?

2024??????11??????????????6?11???????????????????????16????,?3??????IP????????,??????,?????????????,??????????????????????????????????????????,??????????,????????4.98GB?

??????????????????????????

(???????????????)????

????,??22???????????8?????????,???????????10?????????????????20???????????????,??????????????????????????????????,??????????????????????

(?)?????????????????????????????????

??????????????5?????????????IP??????????????,????????,???????????

(?)??????????

????????????,???????,??????????????

???????????????????????????,??????????,??

(?????????????)?????????

?????????????????,??????,?,?276?,???????????????????????????,??????????????????????????

??????????IP??????????????????????

????????????

2024?12?18??????????????,??CNCERT?(

???????????????

(?????)???

???????????????Exchange????????????????????????2?????????Exchange?,??????,???????????????????,?????????????

(??)??????????

?,?2???????????????,???????????????????????,??????????,?/owa/auth/xxx/xx.aspx??????????????????????????????/owa/auth/xxx/yy.aspx,??????????????,???????????????,??

(?)????????????30???????

??,????,?????,????????????????SSH?SMB?????????????30??????????????????????????????????;?????????,???????????????????????????????????????????????,??????????????websocket+SSH??????????????????????????,?????????????????????,??????????????????WeChatxxxxxxxx.exe?????2?PIPE????,????????????????

????????????

(?)???????????

?,????????????????,???????????,?,?????????????????,???

(????)?

??3??????????????????????,?????????????????????????????,2023????????????????????5???????2???????????,??(95.179.XX.XX)???????,?,???????????????????,??????,????“?????”?“?”?“??????????”?“????????(?????+????)”?“?IP?”?“???????????????????????????”????

(?)?????

??????????,?????????????????????????,2023??????????7??????????????26?,???????????????????(65.21.XX.XX)?,???,??,?????????????,?1.03GB??,?????????“?????”??????????????“tip4XXXXXXXX.php”?

(?????)??

???????????????????????,???????????,???????????,??????????????????????????????????????????????????????????SSH?????????,???????????????????????????,????

???????

(?)?

?,??22???????8???????,????????????????????????10??20?????????,????,??

(???????????)???????????

2023????????????5???????????????2023?????????????????10?,????????????????????????????30?,?IP?,?????

(??????)????????

??????????????2?????PIPE????“c:\windows\system32\”????,???????????????????.net?,??,????KB,????????TLS????????????????????????????????,?????https???????????,????????websocket+SSH?????,???

????IP???

?????????????:?????

????6%

???:??

相关推荐