National Cyber Warfare Foundation (NCWF)

8220 Gang Exploiting WebLogic Vulnerabilities for Cryptojacking (Campaign)
0 user ratings		2026-01-16 10:46:38
milo
Attacks
Water Sigbin exploits CVE-2017-3506 to gain initial access, deploying a PowerShell script on the compromised machine. This script decodes and executes the first stage payload, named wireguard2-3.exe, in the temporary directory. The malware masquerades as a legitimate VPN appli...

Water Sigbin exploits CVE-2017-3506 to gain initial access, deploying a PowerShell script on the compromised machine. This script decodes and executes the first stage payload, named wireguard2-3.exe, in the temporary directory. The malware masquerades as a legitimate VPN appli...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/8220-gang-exploiting-weblogic-vulnerabilities-for-cryptojacking

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Attacks


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.