2017-02-13 18:52:54 +01:00
{
2018-08-13 17:06:29 +02:00
"authors" : [
"Kafeine"
] ,
2018-10-19 10:23:09 +02:00
"category" : "tool" ,
2018-08-13 17:06:29 +02:00
"description" : "TDS is a list of Traffic Direction System used by adversaries" ,
"name" : "TDS" ,
"source" : "MISP Project" ,
"type" : "tds" ,
"uuid" : "ab5fffaa-c5f6-11e6-9d9d-cec0c932ce01" ,
2018-02-28 16:16:28 +01:00
"values" : [
{
"description" : "Keitaro TDS is among the mostly used TDS in drive by infection chains" ,
"meta" : {
"refs" : [
"https://keitarotds.com/"
] ,
"type" : [
"Commercial"
]
} ,
2018-08-13 17:06:29 +02:00
"uuid" : "94c57fc0-4477-4643-b539-55ba8c455df6" ,
"value" : "Keitaro"
2018-02-28 16:16:28 +01:00
} ,
{
"description" : "BlackTDS is mutualised TDS advertised underground since end of December 2017" ,
"meta" : {
"refs" : [
"https://blacktds[.com/"
] ,
"type" : [
"Underground"
]
} ,
2018-08-13 17:06:29 +02:00
"uuid" : "d5c0cf8d-8ed0-4fa2-a2e6-7274516ea1c8" ,
"value" : "BlackTDS"
2018-02-28 16:16:28 +01:00
} ,
{
"description" : "ShadowTDS is advertised underground since 2016-02. It's in fact more like a Social Engineering kit focused on Android and embedding a TDS" ,
"meta" : {
"type" : [
"Underground"
]
} ,
2018-08-13 17:06:29 +02:00
"uuid" : "2680a4b1-84d1-4af0-8126-4429a90f8ef8" ,
"value" : "ShadowTDS"
2018-02-28 16:16:28 +01:00
} ,
{
"description" : "Sutra TDS was dominant from 2012 till 2015" ,
"meta" : {
"refs" : [
"http://kytoon.com/sutra-tds.html"
] ,
"type" : [
"Commercial"
]
} ,
2018-08-13 17:06:29 +02:00
"uuid" : "67f21003-bbc8-4993-b615-f990e539929f" ,
"value" : "Sutra"
2018-02-28 16:16:28 +01:00
} ,
{
"description" : "SimpleTDS is a basic open source TDS" ,
"meta" : {
"refs" : [
"https://sourceforge.net/projects/simpletds/"
] ,
"synonyms" : [
"Stds"
] ,
"type" : [
"OpenSource"
]
} ,
2018-08-13 17:06:29 +02:00
"uuid" : "aa179c37-1a8a-4761-841a-cc940e19d7be" ,
"value" : "SimpleTDS"
2018-02-28 16:16:28 +01:00
} ,
2018-12-22 11:51:40 +01:00
{
"description" : "zTDS is an open source TDS" ,
"meta" : {
"refs" : [
"http://ztds.info/doku.php"
] ,
"type" : [
"OpenSource"
]
} ,
"uuid" : "7a84de25-545a-4220-b500-85b9219dd67d" ,
"value" : "zTDS"
} ,
2018-02-28 16:16:28 +01:00
{
"description" : "BossTDS" ,
"meta" : {
"refs" : [
"http://bosstds.com/"
] ,
"type" : [
"Commercial"
]
} ,
2018-08-13 17:06:29 +02:00
"uuid" : "5a483b4b-671a-4113-9b99-a115d2d2d644" ,
"value" : "BossTDS"
2018-02-28 16:16:28 +01:00
} ,
{
"description" : "BlackHat TDS is sold underground." ,
"meta" : {
"refs" : [
"http://malware.dontneedcoffee.com/2014/04/meet-blackhat-tds.html"
] ,
"type" : [
"Underground"
]
} ,
2018-08-13 17:06:29 +02:00
"uuid" : "36aa3b2d-4927-45e5-be08-f30144fd1909" ,
"value" : "BlackHat TDS"
2018-02-28 16:16:28 +01:00
} ,
{
"description" : "Futuristic TDS is the TDS component of BlackOS/CookieBomb/NorthTale Iframer" ,
"meta" : {
"type" : [
"Underground"
]
} ,
2018-08-13 17:06:29 +02:00
"uuid" : "19d8eab9-72d5-4f22-affb-c0d6aed66346" ,
"value" : "Futuristic TDS"
2018-02-28 16:16:28 +01:00
} ,
{
"description" : "Orchid TDS was sold underground. Rare usage" ,
"meta" : {
"type" : [
"Underground"
]
} ,
2018-08-13 17:06:29 +02:00
"uuid" : "ec0048f2-a7b2-4a71-83de-6e8fe4fef252" ,
"value" : "Orchid TDS"
2023-03-09 04:45:13 +01:00
} ,
{
"description" : "Proofpoint has tracked the 404 TDS since at least September 2022. Proofpoint is not aware if this is a service sold on underground forums, but it is likely a shared or sold tool due to its involvement in a variety of phishing and malware campaigns." ,
"meta" : {
"refs" : [
"https://www.proofpoint.com/us/blog/threat-insight/screentime-sometimes-it-feels-like-somebodys-watching-me"
] ,
"type" : [
"Underground"
]
} ,
"uuid" : "7b956ff0-9021-499c-82a4-24b958cb32d9" ,
"value" : "404 TDS"
2018-02-28 16:16:28 +01:00
}
] ,
2023-03-09 04:45:13 +01:00
"version" : 5
2018-02-28 16:16:28 +01:00
}