Browsing tag

botnet

Hackers Exploiting Infected Android Devices to Register Disposable Accounts

An analysis of SMS phone-verified account (PVA) services has led to the discovery of a rogue platform built atop a botnet involving thousands of infected Android phones, once again underscoring the flaws with relying on SMS for account validation. SMS PVA services, since gaining prevalence in 2018, provide users with alternative mobile numbers that can […]

Researchers Warn of a New Golang-based Botnet Under Continuous Development

Cybersecurity researchers have unpacked a nascent Golang-based botnet called Kraken that’s under active development and features an array of backdoor capabilities to siphon sensitive information from compromised Windows hosts. “Kraken already features the ability to download and execute secondary payloads, run shell commands, and take screenshots of the victim’s system,” threat intelligence firm ZeroFox said […]

Emotet Now Using Unconventional IP Address Formats to Evade Detection

Social engineering campaigns involving the deployment of the Emotet malware botnet have been observed using “unconventional” IP address formats for the first time in a bid to sidestep detection by security solutions. This involves the use of hexadecimal and octal representations of the IP address that, when processed by the underlying operating systems, get automatically […]

Abcbot Botnet Linked to Operators of Xanthe Cryptomining malware

New research into the infrastructure behind an emerging DDoS botnet named Abcbot has uncovered “clear” links with a cryptocurrency-mining botnet attack that came to light in December 2020. Attacks involving Abcbot, first disclosed by Qihoo 360’s Netlab security team in November 2021, are triggered via a malicious shell script that targets insecure cloud instances operated […]

Google disrupts Glupteba blockchain botnet that infected 1mn PCs

Google has also filed a lawsuit against the alleged Russian threat actors and operators of Glupteba Botnet. On December 07th, 2021, Google revealed that it disrupted the Command and Control infrastructure of the Glupteba blockchain botnet targeting Windows devices. The company has now filed a lawsuit against the botnet’s Russian operators. What is Glupteba? Glupteba […]

New PseudoManuscrypt Malware Infected Over 35,000 Computers in 2021

Industrial and government organizations, including enterprises in the military-industrial complex and research laboratories, are the targets of a new malware botnet dubbed PseudoManuscrypt that has infected roughly 35,000 Windows computers this year alone. The name comes from its similarities to the Manuscrypt malware, which is part of the Lazarus APT group’s attack toolset, Kaspersky researchers […]

New Phorpiex Botnet Variant Steals Half a Million Dollars in Cryptocurrency

Cryptocurrency users in Ethiopia, Nigeria, India, Guatemala, and the Philippines are being targeted by a new variant of the Phorpiex botnet called Twizt that has resulted in the theft of virtual coins amounting to $500,000 over the last year. Israeli security firm Check Point Research, which detailed the attacks, said the latest evolutionary version […]

Apache Log4j Vulnerability — Log4Shell — Widely Under Active Attack

Threat actors are actively weaponizing unpatched servers affected by the newly identified “Log4Shell” vulnerability in Log4j to install cryptocurrency miners, Cobalt Strike, and recruit the devices into a botnet, even as telemetry signs point to exploitation of the flaw nine days before it even came to light. Netlab, the networking security division of Chinese tech […]

Google Disrupts Blockchain-based Glupteba Botnet; Sues Russian Hackers

Google on Tuesday said it took steps to disrupt the operations of a sophisticated “multi-component” botnet called Glupteba that infected more than one million Windows computers across the globe and stored its command-and-control server addresses on Bitcoin’s blockchain as a resilience mechanism. As part of the efforts, Google’s Threat Analysis Group (TAG) said it […]

Emotet malware reemerges, building botnet via Trickbot malware

Bad news for the cybersecurity fraternity. Emotet malware that was dubbed the “World’s Most Dangerous” and “Widely Spread Malware” is back. As per a report from security researcher Luca Ebach, the notorious TrickBot malware is now used as an entry point for distributing a new version of Emotet malware on the systems TrickBot previously owned. […]

Notorious Emotet Botnet Makes a Comeback with the Help of TrickBot Malware

The notorious Emotet malware is staging a comeback of sorts nearly 10 months after a coordinated law enforcement operation dismantled its command-and-control infrastructure in late January 2021. According to a new report from security researcher Luca Ebach, the infamous TrickBot malware is being used as an entry point to distribute what appears to be a […]

Abcbot — A New Evolving Wormable Botnet Malware Targeting Linux

Researchers from Qihoo 360’s Netlab security team have released details of a new evolving botnet called “Abcbot” that has been observed in the wild with worm-like propagation features to infect Linux systems and launch distributed denial-of-service (DDoS) attacks against targets. While the earliest version of the botnet dates back to July 2021, new variants observed […]

Researchers Uncover ‘Pink’ Botnet Malware That Infected Over 1.6 Million Devices

Cybersecurity researchers disclosed details of what they say is the “largest botnet” observed in the wild in the last six years, infecting over 1.6 million devices primarily located in China, with the goal of launching distributed denial-of-service (DDoS) attacks and inserting advertisements into HTTP websites visited by unsuspecting users. Qihoo 360’s Netlab security team dubbed […]

Microsoft Azure customer hit by 2.4 Tbps DDoS attack

Microsoft has confirmed that it mitigated a massive DDoS attack that originated from a botnet comprising 70,000 compromised IoT devices. Microsoft reported that an unnamed customer of its Azure cloud platform was targeted with a 2.4 Tbps DDoS attack in the last week of August, which the company mitigated. This DDoS attack was around 140% higher than […]

Ukraine Arrests Operator of DDoS Botnet with 100,000 Compromised Devices

Ukrainian law enforcement authorities on Monday disclosed the arrest of a hacker responsible for the creation and management of a “powerful botnet” consisting of over 100,000 enslaved devices that was used to carry out distributed denial-of-service (DDoS) and spam attacks on behalf of paid customers. The unnamed individual, from the Ivano-Frankivsk region of the country, […]

Mirai botnet exploiting Azure OMIGOD vulnerabilities

The infamous Mirai botnet lets threat actors use compromised devices to carry out large-scale and crippling DDoS attacks. Critical Microsoft Azure vulnerabilities reported and patched earlier this week are being actively exploited by threat actors and cybercriminals. Dubbed the OMIGOD flaws, the vulnerabilities were originally discovered by the Wiz Research Team. READ: Microsoft warns of Azure […]

Prometei botnet uses NSA exploit, hits unpatched MS Exchange servers

According to researchers, there are separate Prometei botnet versions available for Linux and Windows-based systems. According to a report from Cybereason, unpatched MS Exchange Servers are being hunted by Prometei botnet to expand its army of Monero cryptocurrency mining bots. It doesn’t come as a surprise because the vulnerabilities CVE-2021-27065 and CVE-2021-26858 identified in MS […]

Prometei Botnet Exploiting Unpatched Microsoft Exchange Servers

Attackers are exploiting the ProxyLogon Microsoft Exchange Server flaws to co-opt vulnerable machines to a cryptocurrency botnet named Prometei, according to new research. “Prometei exploits the recently disclosed Microsoft Exchange vulnerabilities associated with the HAFNIUM attacks to penetrate the network for malware deployment, credential harvesting and more,” Boston-based cybersecurity firm Cybereason said in an analysis […]

Update your Linux servers with Webmin, critical vulnerability detected

Network security researchers from the firm Netlab have just released a report stating that Linux servers running unpatched Webmin installations are under a serious attack campaign that aims to integrate the compromised installations into a botnet known as Roboto. During their research, specialists were able to collect the bot and the download botnet modules, […]