Botnet | SC Media

Botnet

Mirai, Neko and Bashlite variants unleashed

Starting in mid-July, new variants of Mirai, Bashlite and Neko began appearing in honeypots, all of which are designed to assemble botnets capable of launching DDoS attacks. Trend Micro came across the first variant, based on Neko, on July 22; it is capable of brute forcing weak credentials and then unleashing a very capable set of malware…

5 ways hackers use digital channels to launch VIP attacks

VIP attacks target high-profile individuals like company executives, politicians, and celebrities. For enterprise businesses, executives present a critical target for hackers, usually because they have access to a vast wealth of information. Politicians are commonly targeted by hacktivists and state operators for socio-political reasons. Celebrities, by contrast, are targeted for a multitude of reasons and…

Flaw in Confluence collaboration products exploited to deliver GandCrab, AESDDoS Botnet malware

Malicious actors have been serving up GandCrab ransomware and a variant of AESDDoS Botnet malware by exploiting a recently patched vulnerability in two “Confluence” team collaboration products from Australia-based Atlassian. GandCrab is a malicious encryption program that first emerged in early 2018, while the AESDDoS variant is a more versatile program capable of remote code…

Emotet now using stolen emails for new attacks

The Emotet gang has started using the emails it stole in October 2018, marking a major milestone for the group and its activities. Cofense reported the group has so far sent more than 1,000 unique emails, with their own subject lines, as part of an effort to get away from using template-based emails…

Mirai botnet upgraded to work with new IoT processors

The developers behind the Mirai botnet have recompiled the malware so it can take advantage of a wider group of processors/architectures and upgraded it with a new encryption algorithm. Palo Alto Networks Unit 42 in February found samples of Mirai compiled for Altera Nios II, OpenRISC, Tensilica Xtensa, and Xilinx MicroBlaze processors, which primarily are used…

Docker API vulnerability allows hackers to mine Monero

A newly discovered and heavily exploited Docker host vulnerability has allowed hundreds of websites to be illegally accessed and injected with a cryptocurrency miner. The flaw, CVE-2019-5736, allows an attacker to gain host root access from the Docker container through the remote Docker API. Normally, the Docker API allows admins to control a remote Docker…

IoT devices attacked faster than ever, DDoS attacks up dramatically: Netscout

Cybercriminals upped their game in a big way in 2018, dramatically increasing the number and severity of DDoS attacks and refining their IoT attacks to entirely new levels. The main takeaway from Netscout’s Threat Report that looked at the second half of 2018 was that cybercriminals built and used cheaper, easier-to-deploy and more persistent malware…

DOJ campaign aims to destroy Joanap botnet

The Department of Justice is attempting to disrupt the North Korean-operated Joanap botnet by creating a roadmap of computers infected with the malware and then notifying those affected so the infected computers can be removed from the botnet. To try and defeat the Joanap botnet, a court order was requested and received allowing the…
