Tsunami

Language updated a month ago (2024-09-19T17:03:59.224Z)
The "Tsunami" malware, named after its destructive nature, has been a significant cybersecurity threat. This malicious software is designed to exploit and damage computer systems, often infiltrating them through suspicious downloads, emails, or websites. Identified by a series of MD5 hashes, the malware includes components such as xmrigDeamon, Bioset, dns3, xmrigMiner, docker-update, dns, 64[watchdogd], 64bioset, 64tshd, armbioset, armdns, armtshd, tntscan, SystemHealt, and AVscan. The malware has been linked to various illicit activities, including online gambling operations run by Chinese gangs in Southeast Asia.

On October 2, 2023, the Federal Acquisition Regulation (FAR) Council—consisting of the Department of Defense (DoD), General Services Administration (GSA), and National Aeronautics and Space Administration (NASA)—issued two proposed rules in response to the increasing cybersecurity threats. This regulatory wave was described as a "tsunami of cybersecurity regulation." Amid these developments, Tim Grieveson, former CSO & SVP Information Security at AVEVA and now Global Cyber Risk Advisor at Bitsight, emphasized the importance of not only protecting organizations but also complying with the rapidly growing global cyber regulations.

The Tsunami malware has been used in numerous DDoS attacks over the past decade, causing significant disruption. It has been associated with threat actors like KNOTWEED | Denim Tsunami, who actively exploited vulnerabilities. The malware's impact has been compared to a DDoS attack—an online tsunami that can last for days or even months, inundating any business. Moreover, it poses a risk to managed service providers (MSPs), potentially granting threat actors access to customer environments, similar to the Kaseya attacks businesses faced in 2021.
Description last updated: 2024-09-12T23:15:42.045Z
Aliases: We are not currently tracking any aliases.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Source Document References
Information about the Tsunami Language was read from the documents corpus below. This display is limited to 20 results.
Source Link (CreatedAt)
Securityaffairs (a month ago)
DARKReading (a month ago)
CERT-EU (8 months ago)
Securityaffairs (a year ago)
BankInfoSecurity (6 months ago)
BankInfoSecurity (6 months ago)
CERT-EU (7 months ago)
CERT-EU (7 months ago)
CERT-EU (7 months ago)
CERT-EU (8 months ago)
DARKReading (8 months ago)
CERT-EU (8 months ago)
CERT-EU (8 months ago)
Securityaffairs (9 months ago)
CERT-EU (9 months ago)
CERT-EU (9 months ago)
CERT-EU (9 months ago)
CERT-EU (9 months ago)
CERT-EU (10 months ago)
CERT-EU (10 months ago)