Botnet | SC Media

Botnet

Flaw in Confluence collaboration products exploited to deliver GandCrab, AESDDoS Botnet malware

Malicious actors have been serving up GandCrab ransomware and a variant of AESDDoS Botnet malware by exploiting a recently patched vulnerability in two “Confluence” team collaboration products from Australia-based Atlassian. GandCrab is a malicious encryption program that first emerged in early 2018, while the AESDDoS variant is a more versatile program capable of remote code…

Emotet now using stolen emails for new attacks

The Emotet gang has started using the emails it stole in October 2018, marking a major milestone for the group and its activities. Cofense reported the group has so far sent more than 1,000 unique emails, each with its own subject line, as part of an effort to get away from using template-based emails…

Mirai botnet upgraded to work with new IoT processors

The developers behind the Mirai botnet have recompiled the malware so it can take advantage of a wider group of processors/architectures and upgraded it with a new encryption algorithm. Palo Alto Networks Unit 42 in February found samples of Mirai compiled for Altera Nios II, OpenRISC, Tensilica Xtensa, and Xilinx MicroBlaze processors, which primarily are used…

Docker API vulnerability allows hackers to mine Monero

A newly discovered and heavily exploited Docker host vulnerability has allowed hundreds of websites to be illegally accessed and injected with a cryptocurrency miner. The flaw, CVE-2019-5736, allows an attacker to gain host root access from the Docker container through the remote Docker API. Normally, the Docker API allows admins to control a remote Docker…

IoT devices attacked faster than ever, DDoS attacks up dramatically: Netscout

Cybercriminals upped their game in a big way in 2018, dramatically increasing the number and severity of DDoS attacks and refining their IoT attacks to entirely new levels. The main takeaway from Netscout’s Threat Report that looked at the second half of 2018 was that cybercriminals built and used cheaper, easier-to-deploy and more persistent malware…

DOJ campaign aims to destroy Joanap botnet

The Department of Justice is attempting to disrupt the North Korean-operated Joanap botnet by creating a roadmap of computers infected with the malware and then notifying those affected so the infected computers can be removed from the botnet. To try to defeat the Joanap botnet, a court order was requested and received allowing the…

Hakai and Yowai botnets abuse ThinkPHP vulnerabilities

Cybercriminals are exploiting vulnerabilities in the ThinkPHP open source framework to expand the Hakai and Yowai botnets. The botnets can be used to breach web servers and launch DDoS attacks against websites using a vulnerability in the framework’s invokeFunction method to execute malicious code on the underlying server, Trend Micro researchers said in a Jan.…

Bots Are an Existential Threat to Our Economy

By Tiffany Olson Kleemann, CEO, Distil Networks

In 1998, “Titanic” became the first movie to gross $1 billion, the Michael Jordan-led Chicago Bulls won their sixth NBA championship, and President Bill Clinton was impeached but acquitted of wrongdoing in the Monica Lewinsky scandal. It also was the year when bots – pieces of software that run automated tasks over…

Enslaved WordPress sites attack sister-sites in botnet attack

Threat actors have created a botnet army using 20,000 infected WordPress sites that is, in turn, assaulting other WordPress websites using dictionary-style brute force attacks in an attempt to gain access. This information was revealed by Wordfence, a WordPress security plugin supplier, yesterday. Wordfence said its plugin has tracked and stopped more…

FBI swats down massive, botnet-fueled ad fraud operation

With a heavy assist from private-sector cybersecurity and tech organizations, the FBI has dismantled a highly complex fraud network responsible for generating billions upon billions of fake online ad placements. In conjunction with the takedown, the U.S. Department of Justice yesterday announced a 13-count indictment filed against eight individuals, each a resident of either Russia,…
