Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware.
Androxgh0st malware establishes a botnet for victim identification and exploitation in vulnerable networks, and targets files that contain confidential information, such as credentials, for various high profile applications. Threat actors deploying Androxgh0st malware have been observed exploiting specific vulnerabilities which could lead to remote code execution, including:
In response, CISA is adding these CVEs to its Known Exploited Vulnerabilities Catalog.
CISA and FBI encourage organizations to review and implement the mitigations found in the joint CSA to reduce the likelihood and impact of cybersecurity incidents caused by Androxgh0st malware. For more information, visit CISA’s Malware, Phishing, and Ransomware page.
Systems Affected Any system running Microsoft Windows (Windows 95 and newer) that are used…
Systems Affected Microsoft Windows systems running Internet Explorer 5.01 Internet Explorer 5.50 Internet Explorer…
Systems Affected Check Point Firewall-1 NG FCS Check Point Firewall-1 NG FP1 Check Point…
Systems Affected Systems running Microsoft Windows Overview Microsoft Windows contains multiple vulnerabilities,…
Systems Affected Systems running Microsoft Office XP and Outlook 2002 Overview There…
Systems Affected Applications and systems that use the OpenSSL SSL/TLS library Overview …
This website uses cookies.