CISA and FBI Release Known IOCs Associated with Androxgh0st Malware

Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) jointly released a Cybersecurity Advisory (CSA) to spread awareness about the known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with the Androxgh0st malware. This advisory aims to help organizations identify and defend against this malicious threat.

Androxgh0st Malware Overview:

Androxgh0st malware is a highly sophisticated threat that creates a botnet to target vulnerable networks for exploitation. Its primary objective is to access and compromise files containing sensitive information, including credentials for high-profile applications.

Vulnerabilities Exploited:

The threat actors behind Androxgh0st malware have been observed exploiting specific vulnerabilities that could potentially lead to remote code execution. These vulnerabilities include:

  • CVE-2017-9841 (PHPUnit command)
  • CVE-2021-41773 (Apache HTTP Server versions)
  • CVE-2018-15133 (Laravel applications)

Mitigation and Response:

CISA and the FBI strongly recommend that organizations review and implement the mitigations described in the joint CSA to reduce the likelihood and impact of cybersecurity incidents caused by Androxgh0st malware. Additionally, CISA will be including these Common Vulnerabilities and Exposures (CVEs) in its Known Exploited Vulnerabilities Catalog.

Stay Protected:

To learn more about the Androxgh0st malware, its IOCs, and the recommended mitigations, please visit CISA's official Malware, Phishing, and Ransomware page. Organizations must stay updated on cybersecurity threats and take proactive measures to protect their networks and confidential information.


The collaboration between CISA and the FBI in releasing the known IOCs associated with Androxgh0st malware demonstrates the agencies' commitment to maintaining a secure cyberspace. By raising awareness and giving guidance on mitigation, organizations can protect their networks and stay ahead of malicious threat actors.

Cyber threats are always changing, so it's important to stay informed and use strong security measures to stay safe.

Published on January 17, 2024