Intel Name: Unmasking Prometei: A Deep Dive Into Our MXDR Findings
Date of Scan: October 24, 2024
Impact: Medium
Summary: “Unmasking Prometei: A Deep Dive Into Our MXDR Findings” examines the Prometei botnet, active since 2016, which focuses on cryptocurrency mining and credential theft. By early 2023, it had compromised over 10,000 systems, particularly in Brazil, Indonesia, and Turkey. The report details the botnet's use of a domain generation algorithm, its exploitation of vulnerabilities such as BlueKeep and flaws in Microsoft Exchange, and its self-updating features for persistence. The report emphasizes the necessity of advanced MXDR strategies to effectively counter this evolving threat.