Category | Details |
---|---|
Threat Actors | Hacker forum users, sellers of Chrome/Edge 0-day RCE, sellers of Aliena botnet source code, sellers of databases for Sólides, Young Living, and ProcessMaker. |
Campaign Overview | Sale of critical vulnerabilities (Chrome/Edge RCE), sale of advanced botnet source code (Aliena), and breaches involving personal and institutional data from Sólides, Young Living, and ProcessMaker. |
Target Regions | Global (Chrome/Edge users), Brazil (Sólides database), US and global (Young Living, ProcessMaker databases). |
Methodology | Sale of 0-day vulnerabilities, advertising stolen databases, and leaked botnet source code targeting financial systems. |
Products Targeted | Chrome, Edge, financial systems (via Aliena botnet), sensitive personal and institutional data (Sólides, Young Living, ProcessMaker). |
Malware Reference | Aliena botnet (banking botnet with advanced financial transaction capabilities). |
Tools Used | Aliena botnet source code (includes Builder, RestAPI, APK components, and NodeJs), exploits for 0-day RCE vulnerabilities, data exfiltration tools (used in ProcessMaker and Young Living breaches). |
Vulnerabilities Exploited | 0-day RCE in Chrome and Edge, internal system vulnerabilities (ProcessMaker breach), weak data security protocols (Sólides, Young Living breaches). |
TTPs | Exploitation of 0-day vulnerabilities, unauthorized data exfiltration, advertising and selling stolen data and malicious tools on hacker forums. |
Attribution | Threat actors on SOCRadar-monitored hacker forums; unnamed individuals selling vulnerabilities and stolen databases; potential use of insider knowledge or access (ProcessMaker). |
Recommendations | Monitor dark web forums for early threat detection, patch browsers for emerging 0-day vulnerabilities, enhance data security measures, restrict access to sensitive systems, and investigate leaks to identify attackers. |
Source | SOCRadar |
Read full article: https://socradar.io/chrome-edge-exploit-aliena-botnet-and-massive-data-breaches-uncovered/
The above summary has been generated by an AI language model