Keksec and Tsunami-Ryuk

Security Alert
Published June 11, 2021

Keksec, known as Necro, has updated the algorithm used to generate new domains for a variant of the Tsunami DDoS malware, which has been seen in the wild for the first time.

ADVERSARY:
MALWARE FAMILIES:
Ryuk,Necro,Tsunami (ELF)
ATT&CK IDS:
T1027 – Obfuscated Files or Information,T1110 – Brute Force,T1568 – Dynamic Resolution,T1498 – Network Denial of Service

Related Content

Ready to Simplify IT Management?

We will work with you to select a plan that meets your business needs, while helping you get more from your technology, with less work, and less worry about making it all run right.