kurocracks
KuroCracks is a threat actor handle observed on Cracked Forum in January 2025. According to S2W TALON, the actor advertised an open-source scanner for CVE-2024-10914, described as a remote code execution vulnerability, under the title "CVE-2024-10914 SCANNER - REMOTE CODE EXECUTION - GREAT FOR BOTNETS - OPEN SOURCE." The tool reportedly combined Masscan automation with exploit delivery and was explicitly presented as useful for botnet activity. The content states that KuroCracks said the scanner was optimized using ChatGPT. Based on the provided content, KuroCracks is associated with development or promotion of AI-optimized exploitation tooling intended to accelerate vulnerability exploitation and botnet recruitment. No additional aliases, sub-groups, attribution, or targeting information are directly provided beyond the single alias/handle "kurocracks".
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Recent activity
1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.