botnet Archives - Security Affairs

Pierluigi Paganini June 09, 2025

New Mirai botnet targets TBK DVRs by exploiting CVE-2024-3721

A new variant of the Mirai botnet exploits CVE-2024-3721 to target DVR systems, using a new infection method. Researchers from Russian cybersecurity firm Kaspersky discovered a new variant of the Mirai botnet that exploits a command injection vulnerability (CVE-2024-3721) in TBK DVR-4104 and DVR-4216 digital video recording devices. During a review of the logs in […]

Pierluigi Paganini May 29, 2025

New AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor.

GreyNoise researchers warn of a new AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor. GreyNoise discovered the AyySSHush botnet has hacked over 9,000 ASUS routers, adding a persistent SSH backdoor. “Using an AI powered network traffic analysis tool we built called SIFT, GreyNoise has caught multiple anomalous network payloads with zero-effort that […]

Pierluigi Paganini May 28, 2025

New PumaBot targets Linux IoT surveillance devices

PumaBot targets Linux IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine crypto. Darktrace researchers discovered a new botnet called PumaBot targets Linux-based IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine cryptocurrency. PumaBot skips broad internet scans and instead pulls a list of targets from its […]

Pierluigi Paganini May 16, 2025

New botnet HTTPBot targets gaming and tech industries with surgical attacks

New botnet HTTPBot is targeting China’s gaming, tech, and education sectors, cybersecurity researchers warn. NSFOCUS cybersecurity discovered a new botnet called HTTPBot that has been used to target the gaming industry, technology firms, and educational institutions in China. HTTPBot is a Go-based botnet first detected in August 2024, however, its activity surged by April 2025. The botnet […]

Pierluigi Paganini May 10, 2025

Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services

Law enforcement dismantled a 20-year botnet behind Anyproxy and 5socks cybercriminals services and arrested four suspects. Authorities dismantled a 20-year-old botnet tied to Anyproxy and 5socks as part of an international operation codenamed “Operation Moonlander”; four men, including three Russians, were indicted for running the illegal proxy networks. The U.S. Justice Department charged Russian nationals, […]

Pierluigi Paganini March 07, 2025

Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras

Mirai-based botnets are exploiting a zero-day flaw, tracked as CVE-2025-1316, in Edimax IP cameras, to achieve remote command execution. US CISA warns that multiple botnets are exploiting a recently disclosed vulnerability, tracked as CVE-2025-1316 (CVSS score of 9.8), in Edimax IC-7100 IP cameras. The issue is an Improper Neutralization of Special Elements used in an […]

Pierluigi Paganini February 24, 2025

A large botnet targets M365 accounts with password spraying attacks

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. SecurityScorecard researchers discovered a botnet of over 130,000 devices that is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide. The attackers targeted accounts protected with basic authentication bypassing multi-factor authentication. The experts pointed out that organizations […]

Pierluigi Paganini January 29, 2025

Aquabot variant v3 targets Mitel SIP phones

A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet. Akamai researchers spotted a new variant of the Mirai-based botnet Aquabot that is targeting vulnerable Mitel SIP phones. Aquabot is a Mirai-based botnet designed for DDoS attacks. Named after the “Aqua” filename, it was first […]

Pierluigi Paganini December 26, 2024

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Akamai researchers discovered a new Mirai botnet variant targeting a vulnerability in DigiEver DS-2105 Pro DVRs. Akamai researchers spotted a Mirai-based botnet that is exploiting an remote code execution vulnerability in DigiEver DS-2105 Pro NVRs. The experts pointed out that this Mirai variant has been modified to use improved encryption algorithms. The Mirai variant incorporates ChaCha20 and […]

Pierluigi Paganini December 21, 2024

BadBox rapidly grows, 190,000 Android devices infected

Experts uncovered a botnet of 190,000 Android devices infected by BadBox bot, primarily Yandex smart TVs and Hisense smartphones. Bitsight researchers uncovered new BADBOX infrastructure, company’s telemetry shows that over 192,000 devices were infected with the BADBOX bot. The botnet includes 160,000 previously unseen devices, notably Yandex 4K QLED Smart TVs and T963 Hisense Smartphones. Most […]

botnet

New Mirai botnet targets TBK DVRs by exploiting CVE-2024-3721

New AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor.

New PumaBot targets Linux IoT surveillance devices

New botnet HTTPBot targets gaming and tech industries with surgical attacks

Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services

Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras

A large botnet targets M365 accounts with password spraying attacks

Aquabot variant v3 targets Mitel SIP phones

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

BadBox rapidly grows, 190,000 Android devices infected

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

McDonald’s job app exposes data of 64 Million applicants

Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

UK NCA arrested four people over M&S, Co-op cyberattacks

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

QUICK LINKS

botnet

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!