Browsing tag

DDoS

Remcos RAT Spreading Through Adult Games in New Attack Wave

The remote access trojan (RAT) known as Remcos RAT has been found spreading via webhards in South Korea, disguised as adult-themed games. WebHard, short for web hard drive, is a popular online file storage system used to upload, download, and share files in the country. While webhards have been used in the […]

New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks

A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN (short for New Kind of Network) as a communications channel. “The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities,” Russian cybersecurity company […]

ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers

The threat actors behind ShellBot are leveraging IP addresses transformed into their hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. “The overall flow remains the same, but the download URL used by the threat actor to install ShellBot has changed from a regular IP address to a hexadecimal value,” […]

KmsdBot Malware Gets an Upgrade: Now Targets IoT Devices with Enhanced Capabilities

An updated version of a botnet malware called KmsdBot is now targeting Internet of Things (IoT) devices, simultaneously branching out its capabilities and the attack surface. “The binary now includes support for Telnet scanning and support for more CPU architectures,” Akamai security researcher Larry W. Cashdollar said in an analysis published this month. The latest […]

New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers

Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a malware called ShellBot. “ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol to communicate with the C&C server,” AhnLab Security Emergency Response Center (ASEC) said in […]

Zerobot Botnet Emerges as a Growing Threat with New Exploits and Capabilities

The Zerobot DDoS botnet has received substantial updates that expand on its ability to target more internet-connected devices and scale its network. Microsoft Threat Intelligence Center (MSTIC) is tracking the ongoing threat under the moniker DEV-1061, its designation for unknown, emerging, or developing activity clusters. Zerobot, first documented by Fortinet FortiGuard Labs earlier this month, […]

FBI Charges 6, Seizes 48 Domains Linked to DDoS-for-Hire Service Platforms

The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 48 domains that offered services to conduct distributed denial-of-service (DDoS) attacks on behalf of other threat actors, effectively lowering the barrier to entry for malicious activity. It also charged six suspects – Jeremiah Sam Evans Miller (23), Angel Manuel Colon Jr. (37), Shamar […]

Aggressive DDoS Attack – Over 700 Mpps Attack Traffic to Cripple Target Organization

Akamai identified a new record-breaking DDoS assault in Europe with attack traffic spiking to 704.8 Mpps to cripple the organization’s business operations. “On Monday, September 12, 2022, Akamai successfully detected and mitigated the now-largest DDoS attack ever launched against a European customer on the Prolexic platform, with attack traffic abruptly spiking to 704.8 Mpps in […]

Largest DDoS Attack Ever – 659.6 Million Packets Per Second

In the past few weeks, an organization in Eastern Europe has been the victim of the biggest DDoS attack that the continent has ever experienced. During the past month, several DDoS attacks have been launched against the target, a customer of Akamai, as part of an ongoing assault. Attackers are increasingly using DDoS attacks to […]

Mantis Botnet Behind the Largest HTTPS DDoS Attack Targeting Cloudflare Customers

The botnet behind the largest HTTPS distributed denial-of-service (DDoS) attack in June 2022 has been linked to a spate of attacks aimed at nearly 1,000 Cloudflare customers. Calling the powerful botnet Mantis, the web performance and security company attributed it to more than 3,000 HTTP DDoS attacks against its users. The most attacked industry verticals […]

New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt

A threat group that pursues crypto mining and distributed denial-of-service (DDoS) attacks has been linked to a new botnet called Enemybot, which has been discovered enslaving routers and Internet of Things (IoT) devices since last month. “This botnet is mainly derived from Gafgyt’s source code but has been observed to borrow several modules from Mirai’s […]

Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers

A variant of the Mirai botnet called Beastmode has been observed adopting newly disclosed vulnerabilities in TOTOLINK routers between February and March 2022 to infect unpatched devices and potentially expand its reach. “The Beastmode (aka B3astmode) Mirai-based DDoS campaign has aggressively updated its arsenal of exploits,” Fortinet’s FortiGuard Labs Research team said. “Five new exploits […]

Similarities and Difference Between Ransomware and DDoS Extortion Attacks

Cybercriminals leverage multiple methods for financial gain. Most of these methods are based on infiltrating an organization’s network and gaining unauthenticated access, which leads to disruption of its operations. This can be achieved by Ransomware or DDoS Extortion attacks. Ransomware and DDoS extortion attacks are both threats businesses should take seriously. Here are […]

New EwDoor Botnet Targeting Unpatched AT&T Network Edge Devices

A newly discovered botnet capable of staging distributed denial-of-service (DDoS) attacks targeted unpatched Ribbon Communications (formerly Edgewater Networks) EdgeMarc appliances belonging to telecom service provider AT&T by exploiting a four-year-old flaw in the network appliances. Chinese tech giant Qihoo 360’s Netlab network security division, which detected the botnet first on October 27, 2021, called it […]

Bandwidth.com reports multimillion dollar loss post DDoS attacks

In September 2021, Bandwidth.com suffered a series of days-long DDoS attacks forcing its service to go offline in the United States. In September 2021, Hackread shared details of DDoS attacks targeting voice over Internet Protocol (VoIP) services of VoIP giant Bandwidth.com causing voice and messages service disruption in the United States. Now, the company has published its […]

Iranian Gas Stations Crippled After Suffering Cyberattack

Soon after the cyberattack, videos and posts started surfacing on social media displaying messages that read: “Khamenei! Where is our gas?” Another sign read: “Free gas in Jamaran gas station.” Petrol stations across Iran were crippled after a cyberattack that disrupted fuel sales and defaced electronic billboards to display threatening messages mocking […]

DDoS booter customers received warning letters by Dutch police

Apparently, the individuals who received the warning were identified as suspects and will be prosecuted for a cyber offense if they continue using DDoS services. Dutch National Police have sent final warning letters to around thirty users of an on-demand DDoS (distributed denial of service) website. The move indicates that the police in Europe are […]

Bandwidth.com is latest victim of nonstop DDoS attacks against VoIP

Bandwidth.com has been suffering DDoS attacks for the past 3 days nonstop. Bandwidth.com is the newest victim of DDoS attacks, explicitly targeting voice over Internet Protocol (VoIP) services providers. According to sources, the attack against Bandwidth caused countrywide voice and message services outages. The attackers are yet unidentified. […]

Russian electronic voting system hit by 19 DDoS attacks in one day

According to local Russian media, these DDoS attacks originated from several different countries including India, China, Brazil, Russia, Germany, Thailand, Lithuania, Bangladesh, and the United States. Last week, the Russian technology and search engine giant Yandex revealed that it suffered the world’s largest DDoS attacks ever recorded. Now, in what seems to be a continuation […]

Canadian firm VoIP.ms hit by non-stop extortion-based DDoS attacks

Although unconfirmed, the notorious REvil ransomware gang could be behind the DDoS attacks on VoIP.ms. A Quebec-based Internet phone service provider VoIP.ms, which offers voice-over-IP services, has been down since September 17th. Reportedly, the firm is being held to ransom after becoming a victim of a massive and sustained DDoS attack. The assault has severely […]