botnet

Pierluigi Paganini June 01, 2018
Crooks expand the original Mirai botnet code base with new capabilities and improvements

Cybercriminals continue to improve the infamous Mirai botnet by adding new exploits and functionalities, experts warn new dangerous variant will appear in the wild. According to Netscout’s Arbor Security Engineering and Response Team (ASERT), cybercriminals continue to improve the dreaded Mirai IoT botnet by adding new exploits and functionalities. The time to market of new Mirai botnet […]

Pierluigi Paganini May 28, 2018
Researchers And The FBI Work Together to Take Down the Russian VPNFilter Botnet Targeting Home Routers

Researchers and the FBI are working together to take down the dreaded VPNFilter botnet composed of hundreds of thousands of compromised devices. For several months, there have been rumors and vague warnings about highly skilled adversaries targeting critical infrastructure. Last week we learned some details about the warning, why you might be impacted and how […]

Pierluigi Paganini May 24, 2018
Justice Department announces actions to disrupt the VPNFilter botnet

The Justice Department announced an effort to disrupt the VPNFilter botnet of hundreds of thousands of infected home and office (SOHO) routers and other networked devices under the control of a Russia-linked APT group. Yesterday Talos and other security firm revealed the discovery of a huge botnet tracked as VPNFilter composed of more than 500,000 compromised routers and […]

Pierluigi Paganini May 23, 2018
Huge Russia-Linked botnet VPNFilter ready to launch a massive attack on Ukraine

Security firm Talos along with other cybersecurity firms and law enforcement agencies have uncovered a huge botnet dubbed VPNFilter, composed of more than 500,000 compromised routers and network-attached storage (NAS) devices. The experts believe the VPNFilter was developed by Russia and the associated malware appears to be very sophisticated, at the time they discovered more than 500,000 compromised devices across […]

Pierluigi Paganini May 22, 2018
TheMoon botnet is now leveraging a zero-day to target GPON routers

Security experts from Qihoo 360 Netlab discovered the operators behind the TheMoon botnet are now leveraging a zero-day exploit to target GPON routers. Researchers from security firm Qihoo 360 Netlab reported that cybercriminals are continuing to target the Dasan GPON routers, they recently spotted threat actors using another new zero-day flaw affecting the same routers and recruit them in […]

Pierluigi Paganini May 19, 2018
Updated – The new Wicked Mirai botnet leverages at least three new exploits

Security experts from Fortinet have spotted a new variant of the Mirai botnet dubbed ‘Wicked Mirai’, it includes new exploits and spread a new bot. The name Wicked Mirai comes from the strings in the code, the experts discovered that this new variant includes at least three new exploits compared to the original one. “The […]

Pierluigi Paganini April 13, 2018
Experts uncovered a proxy botnet composed of over 65,000 routers exposed via UPnP protocol

Security researchers at Akamai have discovered a proxy botnet composed of more than 65,000 routers exposed to the Internet via the Universal Plug and Play (UPnP) protocol. Crooks have compromised the devices of this multi-purpose proxy botnet to conduct a wide range of malicious activities, including spamming and phishing, click fraud, account takeover and credit card […]

Pierluigi Paganini March 27, 2018
GoScanSSH Malware spread avoiding Government and Military networks

Security experts at Cisco Talos discovered a new piece of malware dubbed GoScanSSH that was being used to compromise SSH servers exposed online. Security researchers at Cisco Talos have discovered a new piece of malware dubbed GoScanSSH that was being used to compromise SSH servers exposed online. The malicious code was written in Go programming language, uncommon for […]

Pierluigi Paganini March 15, 2018
The RottenSys botnet is already composed of nearly 5 million Android devices

RottenSys – A Chinese crime ring is building a huge botnet that is already composed of nearly 5 million Android device. Researchers at Check Point discovered attackers infecting the device with a strain of malware dubbed RottenSys that aggressively display ads on victims’ devices. “The Check Point Mobile Security Team has discovered a new widespread malware family […]

Pierluigi Paganini February 23, 2018
Chaos backdoor, a malicious code that returns from the past targets Linux servers

Security experts from GoSecure, hackers are launching SSH brute-force attacks on poorly secured Linux servers to deploy a backdoor dubbed Chaos backdoor. “This post describes a backdoor that spawns a fully encrypted and integrity checked reverse shell that was found in our SSH honeypot,” states the report published by GoSecure. “We named the backdoor ‘Chaos’, following the name […]