{"id":4143,"date":"2022-01-06T17:59:59","date_gmt":"2022-01-06T12:29:59","guid":{"rendered":"https:\/\/xiarch.com\/blog\/?p=4143"},"modified":"2022-01-06T18:00:16","modified_gmt":"2022-01-06T12:30:16","slug":"elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions","status":"publish","type":"post","link":"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/","title":{"rendered":"\u2018Elephant Beetle\u2019 Allocate Months in Victim Networks to Divert Transactions"},"content":{"rendered":"\n<p><p style=\"text-align: justify;\">A financially-inspired attacker known as \u2018Elephant Beetle\u2019 is seizing millions of dollars from companies across the world by utilizing an arsenal of over 80 unique tools and scripts. The group is very sophisticated and patient, spending months studying the victim\u2019s environment and the financial transaction procedure, only then moves to exploit bugs in the operation.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">The attackers insert malicious transactions into the network and hijack small amounts over long periods, leading to an overall theft of millions of dollars. If they are spotted, they lay low for a while and return through a different system.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">The researchers of \u2018Elephant Beetle\u2019 arrives to&nbsp; be in targeting legacy Java applications on Linux systems, which is typically their entry point to corporate networks. The threat actor\u2019s TTPs are revealed in a detailed technical report which the Sygnia Incident Revert team shared with our experts before posting it.<\/p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Fraudulent Bugs and Consonant with Normal Traffic<\/strong><\/h2>\n\n\n\n<p><p style=\"text-align: justify;\">\u2018Elephant Beetle\u2019 suggested targeting known and likely unpatched vulnerabilities instead of buying or developing zero-days exploits. Investigators have observed the gang for two years and can confirm that the attackers exploiting the following bugs:<\/p><\/p>\n\n\n\n<ul><li>Primefaces Application Expression Language Injection (CVE-2017-1000486)<\/li><li>WebSphere Application Server SOAP Deserialization Exploit (CVE-2015-7450)<\/li><li>SAP NetWeaver Invoker Servlet Exploit (CVE-2010-5326)<\/li><li>SAP NetWeaver ConfigServlet Remote Code Execution (EDB-ID-24963)<\/li><\/ul>\n\n\n\n<p><p style=\"text-align: justify;\">All four of the above bugs allow the threat actor to run arbitrary code remotely through a specially crafted and opaque web shell.<\/p><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-full is-resized\"><img decoding=\"async\" loading=\"lazy\" src=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image1.jpg\" alt=\"\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image1\" class=\"wp-image-4145\" width=\"716\" height=\"259\" srcset=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image1.jpg 1012w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image1-300x109.jpg 300w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image1-768x279.jpg 768w\" sizes=\"(max-width: 716px) 100vw, 716px\" \/><\/figure><\/div>\n\n\n\n<p><p style=\"text-align: justify;\">The attackers require conducting a long-term surveillance and research, so the next primary goal is to remain undetected for some months. To get this, they try to blend with regular traffic by mimicking appropriate packages, camouflage web shells as font, image, or CSS and JS resources, and utilizing WAR archives to pack payloads.<\/p><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"470\" height=\"295\" src=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image2.jpg\" alt=\"\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image2\" class=\"wp-image-4146\" srcset=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image2.jpg 470w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image2-300x188.jpg 300w\" sizes=\"(max-width: 470px) 100vw, 470px\" \/><\/figure><\/div>\n\n\n\n<p><p style=\"text-align: justify;\">\u201cThe Elephant Beetle thieves will also try and literally overwrite non-threatening files, as they slowly prepare for the true attack.\u201d The other tactics that was utilized by the attacker was modifying or replacing completely the default web page files. i.e., replacing the iistart.aspx or default.aspx on IIS web servers.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">By utilizing this tactic permitted the threat group two things \u2013 the first is an almost guaranteed access to their web shell from various servers or from the internet, because the routes for this are often permitted by default.<\/p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Moving Sideward through the Custom Backdoors<\/strong><\/h2>\n\n\n\n<p><p style=\"text-align: justify;\">After the first web server has been negotiated, the attacker utilizes a custom Java scanner that fetches a list of IP addresses for a specific port of HTTP interface. This tool is highly versatile and configurable, and Sygnia reports seeing it used extensively in the observed &#8216;Elephant Beetle&#8217; operations.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">Having identified potential internal server pivoting points, the actors use compromised credentials or RCE flaws to spread laterally to other devices in the network.<\/p><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"1024\" height=\"269\" src=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image3-1024x269.png\" alt=\"\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image3\" class=\"wp-image-4147\" srcset=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image3-1024x269.png 1024w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image3-300x79.png 300w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image3-768x202.png 768w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image3-1536x404.png 1536w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image3.png 1600w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n\n<p><p style=\"text-align: justify;\">&#8220;The threat group moves laterally within the network mainly through web application servers and SQL servers, leveraging known techniques such as Windows APIs (SMB\/WMI) and &#8216;xp_cmdshell&#8217;, combined with custom remote execution volatile backdoors.&#8221; &#8211; Sygnia.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">The group uses two one-liner backdoors that facilitate lateral movement; a Base64 encoded PowerShell and a Perl back-connect backdoor.<\/p><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"1012\" height=\"75\" src=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image4.jpg\" alt=\"\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image4.\" class=\"wp-image-4148\" srcset=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image4.jpg 1012w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image4-300x22.jpg 300w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-image4-768x57.jpg 768w\" sizes=\"(max-width: 1012px) 100vw, 1012px\" \/><\/figure><\/div>\n\n\n\n<p><p style=\"text-align: justify;\">The first backdoor simulates a web server and binds a remote code execution channel to target ports, while the second one runs and interactive shell for C2 communication (command reception and output). In various cases, the attacker utilized a third backdoor for shellcode execution on the host through an encrypted tunnel generated utilizing a set of harcoded certificates.<\/p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>What are the Attributions and Defense Tips?<\/strong><\/h3>\n\n\n\n<p><p style=\"text-align: justify;\">\u2018Elephant Beetle\u2019 utilizes the Spanish code variables and file names, and the majority of the C2 IP addresses they utilize are based on Mexico. Also, the Java-written network scanner was uploaded to Virus Total from Argentina, probably during the early development and testing phase.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">Also, the Java-written network scanner was uploaded to Virus Total from Argentina, probably during the early development and testing phase. As such, the group appears to be connected to Latin America and may have a relation or overlap with the actor FIN13, tracked by Mandiant.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">Some basic advice to defend against this actor includes:<\/p><\/p>\n\n\n\n<ul><li>Avoid using the &#8216;xp_cmdshell&#8217; procedure and disable it on MS-SQL servers. Monitor for configuration changes and the use of &#8216;xp_cmdshell&#8217;.<\/li><li>Monitor WAR deployments and validate that the packages deployment functionality is included in the logging policy of the relevant applications.<\/li><li>Hunt and monitor for the presence and creation of suspicious .class file in the WebSphere applications temp folders.<\/li><li>Monitor for processes that were executed by either web server parent services processes (i.e., &#8216;w3wp.exe&#8217;, &#8216;tomcat6.exe&#8217;) or by database-related processes (i.e., &#8216;sqlservr.exe&#8217;).<\/li><li>Implement and verify segregation between DMZ and internal servers.<\/li><\/ul>\n\n\n\n<p><p style=\"text-align: justify;\">Lastly, make sure to grab the indicators of compromise (IoC) from the report that will help you hunt for &#8216;Elephant Beetle&#8217; proactively. Considering that this threat actor is exploiting old and unpatched vulnerabilities for the initial negotiation, it is an important to preserve all of your applications updated with the latest security patches.<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A financially-inspired attacker known as \u2018Elephant Beetle\u2019 is seizing millions of dollars from companies across the world by utilizing an arsenal of over 80 unique tools and scripts. The group is very sophisticated and patient, spending months studying the victim\u2019s environment and the financial transaction procedure, only then moves to exploit bugs in the operation. [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":4149,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.11 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>\u2018Elephant Beetle\u2019 Allocate Months in Victim Networks to Divert Transactions - Xiarch Solutions Private Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u2018Elephant Beetle\u2019 Allocate Months in Victim Networks to Divert Transactions - Xiarch Solutions Private Limited\" \/>\n<meta property=\"og:description\" content=\"A financially-inspired attacker known as \u2018Elephant Beetle\u2019 is seizing millions of dollars from companies across the world by utilizing an arsenal of over 80 unique tools and scripts. The group is very sophisticated and patient, spending months studying the victim\u2019s environment and the financial transaction procedure, only then moves to exploit bugs in the operation. [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiarch Solutions Private Limited\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xiarch\/\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-06T12:29:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-01-06T12:30:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-featured-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Xiarch Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xiarch\" \/>\n<meta name=\"twitter:site\" content=\"@xiarch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xiarch Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/\"},\"author\":{\"name\":\"Xiarch Security\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\"},\"headline\":\"\u2018Elephant Beetle\u2019 Allocate Months in Victim Networks to Divert Transactions\",\"datePublished\":\"2022-01-06T12:29:59+00:00\",\"dateModified\":\"2022-01-06T12:30:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/\"},\"wordCount\":840,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"articleSection\":[\"Vulnerabilities\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/\",\"url\":\"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/\",\"name\":\"\u2018Elephant Beetle\u2019 Allocate Months in Victim Networks to Divert Transactions - Xiarch Solutions Private Limited\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#website\"},\"datePublished\":\"2022-01-06T12:29:59+00:00\",\"dateModified\":\"2022-01-06T12:30:16+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xiarch.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u2018Elephant Beetle\u2019 Allocate Months in Victim Networks to Divert Transactions\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xiarch.com\/blog\/#website\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"name\":\"Xiarch Solutions Private Limited\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xiarch.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\",\"name\":\"Xiarch\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"contentUrl\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"width\":300,\"height\":300,\"caption\":\"Xiarch\"},\"image\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/xiarch\/\",\"https:\/\/twitter.com\/xiarch\",\"https:\/\/www.linkedin.com\/company\/xiarch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\",\"name\":\"Xiarch Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"caption\":\"Xiarch Security\"},\"sameAs\":[\"https:\/\/xiarch.com\/blog\/\"],\"url\":\"https:\/\/xiarch.com\/blog\/author\/vector\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\u2018Elephant Beetle\u2019 Allocate Months in Victim Networks to Divert Transactions - Xiarch Solutions Private Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/","og_locale":"en_US","og_type":"article","og_title":"\u2018Elephant Beetle\u2019 Allocate Months in Victim Networks to Divert Transactions - Xiarch Solutions Private Limited","og_description":"A financially-inspired attacker known as \u2018Elephant Beetle\u2019 is seizing millions of dollars from companies across the world by utilizing an arsenal of over 80 unique tools and scripts. The group is very sophisticated and patient, spending months studying the victim\u2019s environment and the financial transaction procedure, only then moves to exploit bugs in the operation. [&hellip;]","og_url":"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/","og_site_name":"Xiarch Solutions Private Limited","article_publisher":"https:\/\/www.facebook.com\/xiarch\/","article_published_time":"2022-01-06T12:29:59+00:00","article_modified_time":"2022-01-06T12:30:16+00:00","og_image":[{"width":1000,"height":525,"url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/\u2018Elephant-Beetle-Allocate-Months-in-Victim-Networks-to-Divert-Transactions-featured-image.jpg","type":"image\/jpeg"}],"author":"Xiarch Security","twitter_card":"summary_large_image","twitter_creator":"@xiarch","twitter_site":"@xiarch","twitter_misc":{"Written by":"Xiarch Security","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/#article","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/"},"author":{"name":"Xiarch Security","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c"},"headline":"\u2018Elephant Beetle\u2019 Allocate Months in Victim Networks to Divert Transactions","datePublished":"2022-01-06T12:29:59+00:00","dateModified":"2022-01-06T12:30:16+00:00","mainEntityOfPage":{"@id":"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/"},"wordCount":840,"commentCount":0,"publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"articleSection":["Vulnerabilities"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/","url":"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/","name":"\u2018Elephant Beetle\u2019 Allocate Months in Victim Networks to Divert Transactions - Xiarch Solutions Private Limited","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/#website"},"datePublished":"2022-01-06T12:29:59+00:00","dateModified":"2022-01-06T12:30:16+00:00","breadcrumb":{"@id":"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/xiarch.com\/blog\/elephant-beetle-allocate-months-in-victim-networks-to-divert-transactions\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiarch.com\/blog\/"},{"@type":"ListItem","position":2,"name":"\u2018Elephant Beetle\u2019 Allocate Months in Victim Networks to Divert Transactions"}]},{"@type":"WebSite","@id":"https:\/\/xiarch.com\/blog\/#website","url":"https:\/\/xiarch.com\/blog\/","name":"Xiarch Solutions Private Limited","description":"","publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiarch.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiarch.com\/blog\/#organization","name":"Xiarch","url":"https:\/\/xiarch.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","contentUrl":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","width":300,"height":300,"caption":"Xiarch"},"image":{"@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/xiarch\/","https:\/\/twitter.com\/xiarch","https:\/\/www.linkedin.com\/company\/xiarch"]},{"@type":"Person","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c","name":"Xiarch Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","caption":"Xiarch Security"},"sameAs":["https:\/\/xiarch.com\/blog\/"],"url":"https:\/\/xiarch.com\/blog\/author\/vector\/"}]}},"_links":{"self":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/4143"}],"collection":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/comments?post=4143"}],"version-history":[{"count":1,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/4143\/revisions"}],"predecessor-version":[{"id":4150,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/4143\/revisions\/4150"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media\/4149"}],"wp:attachment":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media?parent=4143"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/categories?post=4143"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/tags?post=4143"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}