Quad7 Botnet (adcf70d6-74e0-4436-bc92-f05bc924bf80)
This object reflects ATT&CK Techniques associated with 7777 or Quad7, a botnet used to compromise network devices such as TP-LINK small office/home office ("SOHO") routers and use the infected devices to relay password spraying attacks against Microsoft 365 accounts.
Additional Techniques associated with the botnet's operators can be found in the related Group object, "Quad7 Botnet Operators".[Sekoia.io Blog July 23 2024][Sekoia.io Blog September 9 2024]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Quad7 Botnet Operators (bf3d1108-0bcd-47ae-8d71-4df48e3e2b43) | Tidal Groups | Quad7 Botnet (adcf70d6-74e0-4436-bc92-f05bc924bf80) | Tidal Software | 1 |