Satori

Malware updated 13 days ago (2024-11-08T12:27:40.048Z)

Download STIX

Preview STIX

Satori is a variant of the Mirai "Internet of Things" botnet malware, created by an individual known as IntelSecrets. This person modified the source code of Mirai to produce Satori, which was then supplied to others for illicit activities. The operators who used Satori were eventually apprehended and prosecuted. Satori infects devices and executes its predefined activities, such as scanning and spreading outbound or performing other variant-specific actions. In response to the challenges posed by malware like Satori, Yoav Cohen, CTO and co-founder of Satori (not related to the malware), developed the Universal Data Permissions Scanner. This tool simplifies data security and manages authorizations, providing companies with a clear view of data access permissions. It's freely available on GitHub, inviting all organizations to enhance their global data security. The Satori Threat Intelligence Team from Human Security discovered a significant adware campaign linked to Satori malware, marking it as the largest find in the group's history. They also uncovered a new build of ScrubCrypt, a malicious program being sold in underground communities and used in attacks on their customers. The team recommends reviewing resources for a better understanding of similar threats, like RedLine Stealer, and acknowledges the contributions of various cybersecurity organizations towards combating these threats.

Description last updated: 2024-11-06T00:05:44.262Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
Mirai is a possible alias for Satori. Mirai, a malware that targets Internet of Things (IoT) devices, was responsible for over 7 million botnet detections in early 2022. This malicious software infiltrates systems often without the user's knowledge and can steal personal information, disrupt operations, or hold data hostage for ransom.	2

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Fraud

Botnet

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the Satori Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Krebs on Security	16 days ago	Canadian Man Arrested in Snowflake Data Extortions
CERT-EU	a year ago	HUMAN Satori Threat Intelligence Alert: Account Takeover Attacks Use ScrubCrypt to Deploy RedLine Stealer Malware
CERT-EU	a year ago	Analysis of Active Satori Botnet Infections
CERT-EU	a year ago	Chinese Android-based Devices It Comes Pre-installed With a Firmware Backdoor
CERT-EU	a year ago	Satori's Data Security Platform is Selected for the Microsoft Pegasus Program and is Available in the Azure Marketplace – Global Security Mag Online
DARKReading	2 years ago	Massive Adware Campaign Shuttered
DARKReading	2 years ago	Satori Unveils Universal Data Permissions Scanner, A Free Open-Source Tool that Sheds Light on Data Access Authorization