?????????:???????????????????????
2025-01-18 13:17:21??:????:???

??1?????17???????????????? ?17????,????????????

????

2024??????????????????12??????18??,????????????????????????CNCERT?(

???

(??????????)????

2024?8?19??????????,?????,????????????????????????/????????????2024????8????21?,?/????

(??)?

2024???????????????????8??21???12???????,?????????????????,??????????????,????????????,????????/xxx/xxxx?flag=syn_user_policy??,?/xxx/xxxStats?

(??????)?

2024????????????????????????????11????????????????????????6??????????????2024?????????????????????11??????8??????2024?11??16????????????,????276????????????????????????????

??????

(???????????)???????????????????

???????????IP?????????????,???????????????????????????,?????????,??????????,????????????????????

(??????????)?

2024???11????????????????????6??????????????11??16??????,?????????????3?IP?????,???,??????????????????????,????,????????????,?????????????????????????????????4.98GB?

???????????????????

(???????????????)???

???????,?????????????????????22?8?????????????,????10?????????20?,?,???

(??????????????????????????)?????????????????

?5????IP?,?,?????

(?????????)??????????????

???,??????????????????,???????????????????????

?,?,???????????????????????????????????

(?????????????????)?????????

???????,?,?????????,???276????,???????????????????,??????????????????

??????????IP?

????

2024?12?????18?,??CNCERT????(

??????????????????????????????????

(????)?????

???????????????Exchange?????????2????????Exchange???????????????????????,?????????????,??,???????????????

(?)????????????????????????????

???????????,???????????2?????,??,??????????????????????,??????????????????????????????/owa/auth/xxx/xx.aspx?????????????????/owa/auth/xxx/yy.aspx,???????????????????????????????????????????,???????????????,????????????????????

(???????????)???30?

????????,?,???????????????????????,?SSH?SMB??????30????????????????????;????,???????????????????????????????????????????????????,??????websocket+SSH??????????????,?????????????????????,???????WeChatxxxxxxxx.exe???????????????2????PIPE???????????????,??????????

????????????????????

(?)?????????????????

?????,???,?,?????,?????????,??

(?)??????

?3??????????????????,????????????,2023??????????5??????????????2???????,????????????????(95.179.XX.XX)??????,????????????,??????????,???????????????,?“????????????????????”?“???????????????????????”?“????????????”?“?????????(??+?)”?“?IP?”?“????”??????

(??????)???????????????????

???,????????????????????,2023???????7???????????????????26?????????,??(65.21.XX.XX)??????,????,???????????,???????????????????????????,???????1.03GB??????,????????????“?”???????????????“tip4XXXXXXXX.php”?

(??????????????)????????

?,????,??????????????,?????????????????????????????????SSH????????,???????????,???????????????

???????????????????????

(???????)???

??????????????,????22????????????8??????????????????,?10?20???????????????,?,???

(?)?

2023??????5?2023?10??,????????30??????????,???????????????????????????IP????,????????????????????????

(??????)?????????????????

?2?????PIPE??“c:\windows\system32\”?,?.net?????,?,????????????KB,?????????????????????????????????TLS???????????????????????????????????????,??????????????https?,??????????????????????websocket+SSH????????,??????

?????????????IP?

??:???????????