Botnet | SC Media


DOJ campaign aims to destroy Joanap botnet


The Department of Justice is attempting to disrupt the North Korean-operated Joanap botnet by creating a roadmap of computers infected with the malware and then notifying those affected so the infected computers can be removed from the botnet. To try and defeat the Joanap botnet, a court order was requested and received allowing the…

Hakai and Yowai botnets abuse ThinkPHP vulnerabilities


Cybercriminals are exploiting vulnerabilities in the ThinkPHP open source framework to expand the Hakai and Yowai botnets. The botnets can be used to breach web servers and launch DDoS attacks against websites using a vulnerability in the framework’s invokeFunction method to execute malicious code on the underlying server, Trend Micro researchers said in a Jan.…

Bots Are an Existential Threat to Our Economy

By Tiffany Olson Kleemann, CEO, Distil Networks

In 1998, “Titanic” became the first movie to gross $1 billion, the Michael Jordan-led Chicago Bulls won their sixth NBA championship, and President Bill Clinton was impeached but acquitted of wrongdoing in the Monica Lewinsky scandal. It also was the year when bots – pieces of software that run automated tasks over…

Enslaved WordPress sites attack sister-sites in botnet attack


Threat actors have created a botnet army using 20,000 infected WordPress sites that is, in turn, assaulting other WordPress websites using dictionary-style brute force attacks in an attempt to gain access. This information was revealed by Wordfence, a WordPress security plugin supplier, yesterday. Wordfence said its plugin has tracked and stopped more…


FBI swats down massive, botnet-fueled ad fraud operation


With a heavy assist from private-sector cybersecurity and tech organizations, the FBI has dismantled a highly complex fraud network responsible for generating billions upon billions of fake online ad placements. In conjunction with the takedown, the U.S. Department of Justice yesterday announced a 13-count indictment filed against eight individuals, each a resident of either Russia,…


IoT botnet BCMUPnP_Hunter targets routers with vulnerable UPnP feature


A large-scale botnet malware operation has been targeting router equipment running vulnerable versions of the Broadcom Universal Plug and Play (UPnP) feature. Active since at least September 2018, the malicious campaign appears to be infecting devices for the likely purpose of converting them into spam bots, according to a blog post yesterday from researchers at Qihoo’s…

‘Outlaw’ threat actor uses Shellbot variant to form new botnet


An unknown threat actor has been targeting organizations with botnet malware that communicates with its command-and-control server via the Internet Relay Chat application layer protocol. Nicknamed Outlaw, the hacking group developed the botnet as a Perl language-based variant of Shellbot, according to a Nov. 1 blog post from Trend Micro, whose researchers uncovered the threat. Shellbot is…

‘Narwhal Spider’ group’s spam campaign targets Japanese recipients with URLZone malware


A newly discovered spam campaign powered by version two of the well-known Cutwail botnet has been found targeting Japanese users in an attempt to infect them with the URLZone (aka Bebloh) banking trojan. In a company blog post yesterday, CrowdStrike researchers Sebastian Eschweiler, Brett Stone-Gross and Bex Hartley note that the operation leverages the art of…

Torii malware could be gateway to more sophisticated IoT botnet attacks


Researchers have discovered yet another Internet of Things botnet derived from Mirai — but instead of conducting DDoS attacks or cryptomining like most variants, this one’s core functionality is exfiltrating information and executing malicious commands. Making matters worse, the malware’s potential target list is unusually large, considering that it supports attacks against a variety of…
