Threat Actors' Systems Can Also Be Exposed and Used by Other Threat Actors
released on 2024-06-06 @ 07:22:24 AM
This report discusses a case where a CoinMiner threat actor's proxy server, used to access an infected botnet, became the target of a ransomware threat actor's Remote Desktop Protocol (RDP) scan attack. The ransomware threat actor successfully breached the proxy server and distributed ransomware to the CoinMiner's botnet. The report analyzes the sequence of events and explores the possibility of the attack being intentional or accidental.