Elaborate Honeypot 'Factory' Network Hit with Ransomware, RAT, and Cryptojacking

Discussion in 'malware problems & news' started by mood, Jan 22, 2020.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    38,101
    Elaborate Honeypot 'Factory' Network Hit with Ransomware, RAT, and Cryptojacking
    January 21, 2020
    https://www.darkreading.com/threat-...nsomware-rat-and-cryptojacking/d/d-id/1336842
    CyberScoop: Researchers set up a mock factory network — and watched the criminals rush in
    Trend Micro: Fake Company, Real Threats - Logs From a Smart Factory Honeypot
    Whitepaper: "Caught in the Act: Running a Realistic Factory Honeypot to Capture Real Threats"
    (PDF - 4.79 MB): https://documents.trendmicro.com/assets/white_papers/wp-caught-in-the-act-running-a-realistic-factory-honeypot-to-capture-real-threats.pdf
     
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,378
    Location:
    U.S.A.
    The part I love from the .pdf write up is how they had to shut down RDP on the honeypot due to the fact that they were attacked so frequently. It made any external network traffic almost impossible. So all these attacks noted were outside of the RDP attack scope.

    Also of note is how one attacker modified Win firewall rules to allow RDP.
     
    Last edited: Jan 22, 2020
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    38,101
    Ransomware: Hackers took just three days to find this fake industrial network and fill it with malware
    Researchers set up a tempting honeypot to monitor how cyber criminals would exploit it
    June 11, 2020

    https://www.zdnet.com/article/ranso...-industrial-network-and-fill-it-with-malware/
    Cybereason: Cybereason’s Newest Honeypot Shows How Multistage Ransomware Attacks Should Have Critical Infrastructure Providers on High Alert
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    38,101
    Security: Four zero-day attacks spotted in attacks against honeypot systems
    June 19, 2020
    https://www.zdnet.com/article/secur...-spotted-in-attacks-against-honeypot-systems/
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.