Asnarök is a threat actor, also known as Personal Panda. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Asnarök exploit?

Specific CVE exploitation data for Asnarök is being tracked. Check the Strobes VI threat actor profile for updates.

Asnarök

Also known as: Personal Panda

Exploited CVEs

Overview

Asnarök is a threat actor that exploited CVE-2020-12271 and utilized command injection privilege escalation to gain root access to devices and install the Asnarök Trojan and demonstrated significant changes in TTPs, including the deployment of a web shell that did not reach out to external C2 for commands. X-Ops identified a patient-zero device linked to the attack and observed the use of an IC.sh script that stole local user account data. The actor's activities were linked to a broader pattern of malicious exploit research and targeted vulnerabilities disclosed by bug bounty researchers.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database