BleepingComputer reports that researchers have discovered a new version of the Fodcha DDoS botnet, featuring upgrades to deter analysis by security researchers and the ability to inject ransom demands into packets.
The researchers at 360Netlab, who discovered the botnet in April 2022, said it has steadily received upgrades over time. Its current version 4 now targets 1,000 victims daily on average, compared with 100 per day in April, and operates 60,000 active bot nodes per day supported by 42 C2 domains, allowing it to generate up to 1Tbps of destructive traffic.
The botnet reached a new peak on Oct. 11, 2022, when it attacked 1,396 targets, and it currently has a global reach, with targets infected in Brazil, Canada, Japan and Australia. According to researchers, operators are now also able to embed ransom demands in the Data portion of Fodcha's DDoS packets, informing victims that they seek payment of 10 XMR (Monero), worth around $1,500, in exchange for stopping the attacks.