Mumblehard Linux botnet eliminated as a threat: ESET

Security researchers at ESET reported that the spam-dispensing Mumblehard Linux botnet is no longer active due to the combined efforts of ESET, the Cyber Police of Ukraine and CyS Centrum.

Mumblehard, which was first technically dissected by ESET one year ago, has been offline since February 29. ESET malware researcher Marc-Etienne M. Léveillé said those behind Mumblehard took action to shore up the malware after it was exposed, but with the help of local authorities and other partners the cybercriminals were forced to shut it down.

“The malware authors apparently responded by removing the unnecessary domains and IP addresses from the list of C&C servers included in the malware and keeping only the one that was under their control. With only one IP address acting as the C&C server for the Mumblehard backdoor and no fallback mechanism, a takeover of that IP address would suffice to stop the malicious activities of this botnet,” Léveillé wrote.
