?????????:???????????????????????
2025-01-18 06:51:51??:????:???

?1?????????17???????? ?17????????,???????????????????????

????

2024?12????18???????????????????????????,??????CNCERT????(

???????????

(????)????????????

2024?8?????????19????????????????????,????????,???/????????????2024????8??????????????21???????,???????????????/???????????

(??????)?

2024???????????8??????21??????12????,?????????????????????????,???,?????????????,?/xxx/xxxx?flag=syn_user_policy????????????????????????????,????/xxx/xxxStats?

(?????)?

2024????11??????????6??2024?????11??????8?2024??????????11???????????16?,??????????276?????????????????????????????????????????????????????

??????????

(?)????

?IP???????,?,??????,???????,???

(??)?

2024?11??6??????11?16?,????3???????????????IP????,????????,??,????????????????????????????????????????,???????????,?????????????????4.98GB?

?????????????

(?)??????????????

???,?22????8?,?????????????10??????????????20???????????,??????????,???

(???????)???????????????

??5?IP????????????????,?????,??

(?????????????????????????????????)?

?,???,??

??????????,????,??????

(??)????????????????

?,?,??????????,?????276??????,?????????,?????????????

????????????????IP?

???????????

2024?????????12?????????18?????????,???????CNCERT?(

??????????????????????????????

(?)?

????Exchange????????????????2??????????????????Exchange????????,???????????,?????????????????,???

(?)????????????

????????????,????2????????????????????????,???????????????,????????????????????,??/owa/auth/xxx/xx.aspx?????????????/owa/auth/xxx/yy.aspx,????????????????????????????????????????????????????????????,?,?????????????

(???????????)?30?

????,???????????????????,?????????????????,????????????????????????????SSH?SMB??30?????????????????????????????????????????????????????;?????????????,????????????????????????????????????????????????,?websocket+SSH?????????????,???????????????????????????????,????????????WeChatxxxxxxxx.exe?????2??PIPE??????????,??????????

??????????????????????????

(??????????????????????????)???

?,???????????????????????????????????????????????????,??,????,???????????????????,??????

(?????????)?

??????????3??????????????,????????????,2023???5???????????????????????2?,???(95.179.XX.XX)???,????????,??????,?,??????????????????????????????????“???????????????????”?“???????”?“?”?“?(??????????+?)”?“???????IP??????????????”?“??????”?????

(????????????????????)?????????????

???????????????????????????????????????????????,??????????????????????????????,2023?????7??????????????26??????,?(65.21.XX.XX)???????????????????????,?,?????????????,??????????????,???????????????1.03GB??,???????“????”??“tip4XXXXXXXX.php”?

(????)???????????????

????,??????????????,???????????,?????????????????????????????????SSH??,?,??

????????????

(??)?????

?????????????????,????22???????8???????????????????????,??????????????10????????????20??????????????????????,???????????,???????????????

(??????????????????????????)?

2023?????5?2023??10?,?30??????????????,?IP????????????,??????????????

(?????)??????

??????2?PIPE??????????“c:\windows\system32\”?????????,?????????????????.net?????,?,?????????????????KB,???????????????TLS??????????????????????????????????????????,?https???????????????????,????????websocket+SSH??????,??

???????????IP?

???:????????????????

??: