SnifLite

Description

(Group-IB) After deobfuscating the code, Group-IB found that the attacks used a sniffer from the SnifLite family, already known to Group-IB experts and used by the threat actor UltraRank. Due to the relatively small number of infected websites, the attackers most likely used the credentials in the CMS administrative panel, which, in turn, could have been compromised using malware or as a result of brute force attacks.

Names

Name
SnifLite

Type

Credential stealer

Information

https://www.group-ib.com/blog/ultrarank

Other Information

Uuid

a66b3b44-3a8f-4fba-9a0e-956abc89f879

Last Card Change

2021-01-07

Threat Intelligence Garden

Explorer

SnifLite

SnifLite

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks