Botnet Encyclopedia
Get in-depth analyses of attack campaigns captured by Guardicore Global Sensors Network (GGSN).
Learn about each botnet’s scope, its associated indicators of compromise (IOCs), and the attack flow.
MoneroSsh
911
A long-running campaign in which a Mirai variant named “Sora” is deployed. The malware scans for additional victims over Telnet port 23.
GhOul
This Telnet DDoS campaign is targeting SSH servers and has been active since February 2020.
PLEASE_READ_ME_VVV
This campaign, unlike many others, is not a cryptomining botnet. Here, the attackers compromise victim machines using MySQL brute force
Smominru
The Smominru botnet and its variants MyKings and Hexmen managed to infect thousands of MS-SQL machines on a daily basis
PLEASE_READ_ME
PLEASE_READ_ME_VVV is a mass-scale ransom attack, in which the attackers choose to leave the ransom note within MySQL database tables.
We strive for cooperation with the cyber threat intelligence community and welcome any contribution, question and suggestion.