Heads up! Xdr33, A Variant Of CIA's HIVE Attack Kit Emerges
The main function of Beacon is to periodically collect the PID, MAC, SystemUpTime, and process- and network-related device information; it then compresses the device information with bzip and encrypts it with the XTEA algorithm, reports it to C2, and finally waits to execute the commands issued by C2. ... The bot uses the XTEA key obtained from Step2 to encrypt the device information and report it to C2.

Malware: Hive(elf.hive), HIVE, Hive(win.hive), xdr33

[View Article](https://blog.netlab.360.com/headsup_xdr33_variant_of_ciahive_emeerges/)