Keksec and Tsunami-Ryuk

Security Alert
Published June 11, 2021

Keksec, known as Necro, has updated the algorithm used to generate new domains for a variant of the Tsunami DDoS malware, which has been seen in the wild for the first time.

ADVERSARY:
MALWARE FAMILIES:
RyukNecroTsunami (ELF)
ATT&CK IDS:
T1027 – Obfuscated Files or InformationT1110 – Brute ForceT1568 – Dynamic ResolutionT1498 – Network Denial of Service

Related Content

Ready to Simplify IT Management?

We will work with you to create a plan that meets your business needs, while helping you get more from your technology, with less work, and less worry about making it all run right.