Exploring FBot | Python-Based Malware Targeting Cloud and Payment Services

Originally published by SentinelOne.Written by Alex Delamotte. Executive SummaryFBot is a Python-based hacking tool distinct from other cloud malware families, targeting web servers, cloud services, and SaaS platforms like AWS, Office365, PayPal, Sendgrid, and Twilio.FBot does not utilize the widely-used Androxgh0st code but shares similarities with the Legion cloud infostealer in functionality and design.Key features include credential harvesting for spamming attacks, AWS account hijacking t...

alex androxgh0st aws cloud cloud malware cloud services code executive families fbot hacking hacking tool infostealer legion malware office365 payment paypal platforms python saas saas platforms sendgrid sentinelone servers services targeting the legion tool twilio web web servers written