Risk Assessments/Management, Breach, Security Architecture

More devices targeted by updated EnemyBot Linux botnet

New security vulnerabilities have been added by Keksec threat group, also known as Kek Security, FreakOut, and Necro, to its Enemybot Linux-based botnet to attack web servers, content management systems, and Android devices, reports The Hacker News. VMware Workspace ONE, WordPress, Adobe ColdFusion, and PHP Scriptcase, as well as Android and IoT devices have been targeted by the updated version of Enemybot, which AT&T Alien Labs researchers found to have a Python module for dependency downloads and malware compilation for various OS architectures; an obfuscation segment for malware string encoding and decoding; core botnet section; and a command-and-control server. "Keksec's Enemybot appears to be just starting to spread, however due to the authors' rapid updates, this botnet has the potential to become a major threat for IoT devices and web servers... This indicates that the Keksec group is well resourced and that the group has developed the malware to take advantage of vulnerabilities before they are patched, thus increasing the speed and scale at which it can spread," said researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.