Pierluigi Paganini
October 30, 2018
Security experts from Radware have spotted a new botnet dubbed DemonBot that it targeting Hadoop clusters to launch DDoS attacks against third parties. Operators behind the DemonBot botnet target an unauthenticated remote command execution in Hadoop YARN (Yet Another Resource Negotiator). DemonBot bot only infects central servers, at the time of the report experts found over 70 active exploit servers […]
Pierluigi Paganini
October 27, 2018
Security researchers at FortiGuard Labs have discovered a new DDoS-for-hire service called “0x-booter” built with leaked code that implements an easy to use interface. “0x-booter” first appeared on October 17, 2018, a post published on Facebook advertises over 500 Gbps of power and 20,000 bots. “During our regular monitoring, the FortiGuard Labs team recently discovered a new platform […]
Pierluigi Paganini
October 24, 2018
Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. Security experts from Sophos Labs have spotted a new piece of Linux malware tracked as Chalubo (ChaCha-Lua-bot) that is targeting IoT devices in an attempt to recruit them into […]
Pierluigi Paganini
October 08, 2018
Experts from Tenable Research have devised a new attack technique to fully compromise MikroTik Routers. MikroTik routers continue to be under attack, and the situation is getting worse because of the availability of a new PoC code. The new attack technique discovered by experts at Tenable Research could be exploited by remote attackers to execute […]
Pierluigi Paganini
September 26, 2018
The latest samples of the HNS bot were designed to target Android devices having the wireless debugging feature ADB enabled. The Hide and Seek (HNS) IoT botnet was first spotted early this year, since its discovery the authors continuously evolved its code. The IoT botnet appeared in the threat landscape in January, when it was first discovered on January 10th […]
Pierluigi Paganini
September 23, 2018
Security experts from Trend Micro discovered a new malware tracked as Virobot that combines ransomware and botnet capabilities. Virobot encrypts files on infected machines and is also implements spam botnet abilities and leverages it target other systems. Virobot was first spotted on September 17, 2018, experts pointed out that it is not associated with any known ransomware […]
Pierluigi Paganini
September 14, 2018
The creator of the infamous Kelihos Botnet, Peter Yuryevich Levashov (38) pleaded guilty this week to computer crime, fraud, conspiracy and identity theft charges. Yuryevich Levashov (38), the botmaster of the dreaded Kelihos Botnet pleaded guilty this week to computer crime, fraud, conspiracy and identity theft charges. In April 2017, the United States Department of Justice announced that Peter […]
Pierluigi Paganini
September 10, 2018
Security experts with Unit 42 at Palo Alto Networks have discovered new variants of the Mirai and Gafgyt IoT malware targeting enterprises. Both botnets appear very interesting for two main reasons: The new Mirai variant targets the same Apache Struts vulnerability exploited in the 2017 Equifax data breach. The vulnerability affects the Jakarta Multipart parser upload […]
Pierluigi Paganini
August 31, 2018
Today I’d like to share a full path analysis including a KickBack attack which took me to gain full access to an entire Ursniff/Gozi botnet. In other words:Â from a simple “Malware Sample” to “Pwn the Attacker Infrastructure”. NB: Federal Police have already been alerted on such a topic as well as National and International […]
Pierluigi Paganini
August 31, 2018
A youngster (20) from Washington was indicted last week on federal computer hacking charges after rival hackers fingered him as the creator of a Mirai variant dubbed Satori. MalwareMustDie Team: “It’s time for every teenager or young man to know that playing with malware is the fastest way to finish in the jail” Mirai, Mirai […]
