Satori

Malware updated a month ago (2024-11-29T13:57:51.359Z)
Download STIX
Preview STIX
Satori is a variant of the Mirai "Internet of Things" botnet malware, created by an individual known as IntelSecrets. This person modified the source code of Mirai to produce Satori, which was then supplied to others for illicit activities. The operators who used Satori were eventually apprehended and prosecuted. Satori infects devices and executes its predefined activities, such as scanning and spreading outbound or performing other variant-specific actions. In response to the challenges posed by malware like Satori, Yoav Cohen, CTO and co-founder of Satori (not related to the malware), developed the Universal Data Permissions Scanner. This tool simplifies data security and manages authorizations, providing companies with a clear view of data access permissions. It's freely available on GitHub, inviting all organizations to enhance their global data security. The Satori Threat Intelligence Team from Human Security discovered a significant adware campaign linked to Satori malware, marking it as the largest find in the group's history. They also uncovered a new build of ScrubCrypt, a malicious program being sold in underground communities and used in attacks on their customers. The team recommends reviewing resources for a better understanding of similar threats, like RedLine Stealer, and acknowledges the contributions of various cybersecurity organizations towards combating these threats.
Description last updated: 2024-11-06T00:05:44.262Z
What's your take? (Question 1 of 2)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Mirai is a possible alias for Satori. Mirai is a type of malware that primarily targets Internet of Things (IoT) devices, converting them into a botnet, which is then used to launch Distributed Denial of Service (DDoS) attacks. In early 2022, Mirai botnets accounted for over seven million detections worldwide, though there was a 9% quar
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Fraud
Botnet
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.