Type
Campaign
Actors
Pub. date
July 11, 2023
Initial access
Web vulnerabilitySoftware misconfig
Impact
Resource hijackingData exfiltrationDenial of service
Observed techniques
Observed tools
Targeted technologies
References
Status
Finalized
Last edited
Jun 2, 2024 11:57 AM
In July 2023, details of recent activities related to ScarletEel were published, showing the advancement of the attacker over time. The threat actors expanded their arsenal to include new tools and a C2 infrastructure, making it more difficult to detect their activity. They typically gain access by exploiting vulnerable open compute services and vulnerable applications. While they continue to focus on financial gain through crypto mining, they also remain interested in intellectual property theft