The Rising Diicot Threat Group with Diverse Attack Capabilities

Threat Level
Attack Report

Summary

A Romanian threat group, “Diicot”, has been actively using SSH brute-forcing and malware loaders to compromise systems for cryptocurrency mining. The campaign involves exploiting OpenWRT systems and deploying customized XMRig variants alongside aliases and disguised network scanners.