Botnet News, Articles and Updates

FBI seizes domain behind VPNFilter botnet

The FBI has seized the domain it believes is linked to the Russian-run VPNFilter botnet that was poised to launch a massive attack, possibly against Ukraine.

That smarts! 'Brain Food' spam botnet malware found on thousands of websites

A spam campaign called Brain Food has been feeding email recipients a steady diet of junk messages containing links to pages promoting bogus intelligence-boosting supplements and diet pills.

Mirai variant that struck financial institutions in January detailed

A new variant of the Mirai botnet was used to attack at least three financial institutions earlier this year using a variety of compromised consumer- and enterprise-level IoT products.

Malicious bot traffic climbs 9.5 percent in 2017, says report

The number of malicious bots circulating around the internet and impacting website performance increased by 9.5 percent in 2017, accounting for 21.8 percent of all traffic, according to a new report today from bot detection and mitigation firm Distil Networks, based on data collected from its global network.

FYI, the OMG Mirai botnet variant turns IoT devices into proxy servers

A newly discovered variant of Mirai botnet malware forces infected devices to act as proxy servers capable of protecting the anonymity of cybercriminals engaging in illegal activities.

JenX botnet using video game to recruit IoT devices

Security researchers have found a new botnet that uses flaws connected to the Satori botnet and uses hosting services running multiplayer versions of Grand Theft Auto to infect IoT devices.

Scarabey ransomware introduces new tactics, distribution

The malicious actors behind the Scarab ransomware have rolled out a new variant, one that uses a different distribution method and ransom threat in order to infect computers and ensure payment.

Malware behind Satori botnet posted to Pastebin

The code that exploits a flaw in a Huawei router that enables these devices to be turned into botnets to push Satori and Brickerbot has been publicly posted on Pastebin.

Hex-Men Trio using compromised SQL servers to conduct mining, DDoS attacks

A trio of campaigns, jointly known as the Hex-Men Trio, that are going after SQL Servers has been identified by Guardicore Labs.

Three plead guilty to creating Mirai IoT botnet malware

Three men have pleaded guilty in federal court to charges related to the creation of the Mirai Internet of Things botnet malware, variants of which have been used in a series of debilitating distributed denial of service (DDoS) attacks.

Ramnit botnet spotted in Google Play but poses limited threat

In much the same way a forgotten land mine can cause injury years after it was planted and forgotten, researchers are noticing the Ramnit worm popping up on mobile devices two years after its main users were taken down.

Office 365 joke: KnockKnock, Who's there? Botnet malware

Microsoft's already battered Office 365 is once again being targeted, this time by KnockKnock, a botnet attack designed to specifically victimize the office productivity software suite.

Android malware on Google Play grows botnets, launches DDoS attacks

The Sockbot malware has made its way into at least eight apps in the Google Play Store with the intent of adding devices to botnets and performing DDoS attacks.

Necurs attackers likely gathering intel via downloader screen grabs

Symantec researchers said a new error-reporting capability and screen grab functionality indicates that Necurs attackers are trying to obtain operational intelligence.

Cryptocurrency miners increasingly use CPU mining tools

Cryptocurrency miners have increased their use of mining tools that utilize central processing units (CPUs) and, to a lesser extent, graphics processing units (GPUs), specifically those targeting enterprise networks.

'Thingbots' become a 'thing' expected to underpin a future darknet

Botnets built exclusively from IoT devices have very much become a 'thing' - thingbots - and they are now becoming a primary infrastructure for a future darknet, according to a report from cybersecurity firm F5 Networks.

Taking down Avalanche, a case study in international cooperation

International cooperation across all levels of government and law enforcement with those agencies working closely with the cybersecurity industry is the only way to bring down cybercrime operations, an FBI official said at Black Hat 2017.

BrickerBot malware attacks and destroys unsecure IoT devices

The security firm Radware has come across two new forms of Denial of Service (DoS) malware that are attacking and bricking Internet of Things devices for as yet unknown reasons.

Mirai 2.0 hits college in February with 54-hour long DDoS attack

A newer and more potent version of Mirai malware was used last month to pummel an unnamed U.S. college with a 54-hour long distributed denial of service (DDoS) attack.

Cybercrime Blotter: Ebury botnet creator Maxim Senakh pleads guilty

Russian national Maxim Senakh agreed to a plea deal on March 28 that could see him imprisoned for up to five years, ordered to pay restitution, and fined up to $250,000 for creating and spreading the Ebury botnet.

Are 'bad bots' weaponising data centres to spread fake news?

As bad bots increasingly take up a greater share of internet traffic, are data centres providing the roads?

Trend Micro details new IoT DDoS threat

Trend Micro is reporting a new threat to Linux-based Internet of Things devices that is able to exploit a specific vulnerability in surveillance cameras made by AVTech.