The sophisticated MyloBot botnet is compromising more than 50,000 systems daily, a figure lower than the peak of 250,000 infected hosts three years ago, reports The Hacker News.
India, the U.S., Indonesia, and Iran accounted for most of the host systems impacted by MyloBot, according to a BitSight report. MyloBot has been observed to deploy the bot malware in a multi-stage sequence, which involves a 14-day dwell time prior to communications with the command-and-control server, in an effort to bypass detection.
"When Mylobot receives an instruction from the C2, it transforms the infected computer into a proxy. The infected machine will be able to handle many connections and relay traffic sent through the command-and-control server," researchers said.
Researchers also noted that the botnet is being continuously improved, with updated MyloBot instances found to use a downloader that retrieves the payload after contact with the C2 server.
Fifty percent more distributed denial-of-service attacks have been launched by threat actors during the first quarter of 2024 over the same period last year, with thwarted DDoS attacks increasing by 93% year-over-year, SiliconAngle reports.
Security Affairs reports that attacks with an updated iteration of the LightSpy iOS spyware using the "F_Warehouse" framework have been deployed against Southern Asian targets as part of a new cyberespionage campaign.
Operations of Russia's industrial sensor and monitoring infrastructure were claimed to have been disrupted by Ukrainian hacking operation Blackjack following a Fuxnet malware attack against Moscow-based underground infrastructure firm Moscollector, reports SecurityWeek.