botnet

Pierluigi Paganini April 27, 2021
FBI shares with HIBP 4 million email addresses involved in Emotet attacks

The FBI has shared with Have I Been Pwned service 4 million email addresses collected by Emotet botnet and employed in malware campaigns. Last week, European law enforcement has conducted an operation aimed at performing a mass-sanitization of computers infected with the infamous Emotet Windows malware. The authorities automatically wiped the infamous Emotet malware from infected systems […]

Pierluigi Paganini April 22, 2021
Pareto Botnet, million infected Android devices conduct fraud in the CTV ad ecosystem

Researchers from Human Security have uncovered a huge botnet of Android devices being used to conduct fraud in the connected TV advertising ecosystem. Security researchers at Human Security (formerly White Ops) discovered a massive Android botnet, dubbed Pareto, used to conduct fraud in the Connected TV (CTV) advertising ecosystem. The Pareto botnet is composed of […]

Pierluigi Paganini April 16, 2021
Mirai code re-use in Gafgyt

Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt,”some of them re-used Mirai code.  Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt”, via threat intelligence systems and our in-house osquery-based sandbox. Upon analysis, we identified several codes, techniques and implementations of Gafgyt, […]

Pierluigi Paganini March 17, 2021
New ZHtrap botnet uses honeypot to find more victims

Netlab 360 experts discovered a new Mirai-based botnet dubbed ZHtrap that implements honeypot to find more victims. Researchers from Netlab 360 discovered a new Mirai-based botnet dubbed ZHtrap that implements honeypot to find more victims. ZHtrap propagates using four vulnerabilities, experts pointed out that the botnet mainly used to conduct DDoS attacks and scanning activities, […]

Pierluigi Paganini March 16, 2021
New Mirai variant appears in the threat landscape

Palo Alto researchers uncovered a series of ongoing attacks to spread a variant of the infamous Mirai bot exploiting multiple vulnerabilities. Security experts at Palo Alto Networks disclosed a series of attacks aimed at delivering a Mirai variant leveraging multiple vulnerabilities. Below the list of vulnerabilities exploited in the attacks, three of which were unknown issues: […]

Pierluigi Paganini February 22, 2021
Ukraine sites suffered massive attacks launched from Russian networks

Ukraine ‘s government accused unnamed Russian traffic networks as the source of massive attacks on Ukrainian security and defense websites. Today Ukraine accused unnamed Russian internet networks of massive attacks that targeted Ukrainian security and defense websites. The Ukrainian officials did not provide details about the attacks either the damage they have caused. “It was […]

Pierluigi Paganini February 01, 2021
Experts discovered a new Trickbot module used for lateral movement

Experts spotted a new Trickbot module that is used to scan local networks and make lateral movement inside the target organization. Cybersecurity researchers discovered a new module of the Trickbot malware, dubbed ‘masrv’, that is used to scan a local network and make lateral movement inside the target organization. The masrv module leverage the Masscan open-source utility […]

Pierluigi Paganini January 27, 2021
Emotet Botnet dismantled in a joint international operation

A global operation of law enforcement has dismantled the infrastructure of the infamous Emotet botnet. A global operation of law enforcement, lead by Europol, has dismantled the infrastructure of the infamous Emotet botnet. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. In the middle-August, the malware was […]

Pierluigi Paganini January 25, 2021
Cryptomining DreamBus botnet targets Linux servers

Zscaler’s research team recently spotted a Linux-based malware family, tracked as DreamBus botnet, targeting Linux servers. Researchers at Zscaler’s ThreatLabZ research team recently analyzed a Linux-based malware family, tracked as DreamBus Botnet, which is a variant of SystemdMiner. The bot is composed of a series of Executable and Linkable Format (ELF) binaries and Unix shell scripts.  The […]

Pierluigi Paganini January 19, 2021
FreakOut botnet target 3 recent flaws to compromise Linux devices

Security researchers uncovered a series of attacks conducted by the FreakOut botnet that leveraged recently discovered vulnerabilities. Security researchers from Check Point have uncovered a series of attacks associated with the FreakOut botnet that is targeting multiple unpatched flaws in applications running on top of Linux systems. The botnet appeared in the threat landscape in […]