Game servers have been subjected to distributed denial-of-service attacks using new RapperBot malware samples last month, reports The Hacker News.
While RapperBot was initially found to only facilitate brute-force attacks against SSH servers permitting password authentication, the updated malware could also enable Telnet brute-forcing and denial-of-service attacks, a report from Fortinet FortiGuard Labs revealed. Appliances operating on ARM, PowerPC, MIPS, SPARC, and SH4 architectures could be compromised by the new malware.
Meanwhile, the report also noted similarities between the latest campaign and other RapperBot operations as early as May 2021, with the Telnet spreader module discovered to have been reintroduced to the malware last month following its removal after August 2021.
"Based on the undeniable similarities between this new campaign and the previously reported RapperBot campaign, it is highly likely that they are being operated by a single threat actor or by different threat actors with access to a privately-shared base source code," said researchers.
Several U.S. defense and government organizations have been targeted by state-backed Chinese hacking group Bronze Silhouette, also known as Volt Typhoon, for military intelligence over a period of at least two years, according to The Record, a news site by cybersecurity firm Recorded Future.
Russian, North Korean, and Iranian advanced persistent threat operations have been launching more attacks aimed at compromising small- and medium-sized businesses, as well as their regional managed service providers, reports SecurityWeek.