FBI and European authorities neutralize MooBot: spying platform for Russia
The FBI worked with several partners to disrupt a malicious botnet. The Center for Cybersecurity Belgium (CCB) supported the action in part. They shared some more information about defusing MooBot, which was linked to Russian intelligence.
In January of this year, the U.S. Department of Justice...
FBI proactively removes Chinese botnet malware on hundreds of SOHO routers
The FBI hindered the operations of the Chinese hacker gang Volt Typhoon yesterday. The U.S. security agency proactively removed these hackers' KV Botnet malware from hundreds of Small business and Home Office (SOHO) routers. Potential new infections were also prevented.
According to the FBI...
Androxgh0st botnet steals AWS and Microsoft credentials
CISA and the FBI warn of a campaign aiming to steal cloud credentials. Cybercriminals are attempting to use the Androxgh0st malware to create a botnet that steals credentials from cloud services. This data is then used to deliver malicious payloads.
Androxgh0st is known as an "SMTP cracker," whi...
Linux IoT devices vulnerable to self-spreading botnet
Linux devices connected to the Internet of Things (IoT) are vulnerable to NoaBot. This botnet is linked to crypto-mining activities and is another form of the previously known botnet Mirai. What sets NoaBot apart is its ability to duplicate itself, and that is also where its greatest danger lies.
Qakbot malware returns with phishing attack on hospitality industry
The infamous Qakbot malware has made a return. Microsoft Threat Intelligence warns of new phishing emails purporting to be from the U.S. Internal Revenue Service (IRS).
In late August, international police units announced they had eliminated the giant Qakbot botnet during "Operation Duck Hunt." ...
Hackers can expand Mirai botnet by at least 7,000 devices
Hackers exploit two zero-day vulnerabilities to connect routers and surveillance cameras to a botnet. They then deploy the botnet for DDoS attacks. At least 7,000 devices are vulnerable.
Researchers at Akamai tracked down the zero-day vulnerabilities and warned of the danger in a blog on Tuesda...
Hackers figure out your computer’s location via malware Whiffy Recon
Hackers can accurately determine your location with the new malware Whiffy Recon. The data can potentially be used as leverage to make victims comply with the hacker's wishes.
The new malware Whiffy Recon searches for a computer's location. Researchers from Secureworks first encountered the malware i...
Persistent malware targets Redis to create botnet
A persistent malware has targeted the cache store Redis. The malware was discovered and disclosed earlier this month but managed to redirect and adapt in the meantime.
P2Pinfect is malware that targets Redis. Redis is an open-source software deployed as a caching technique to make Web sites loa...
AVrecon: the malware with a botnet army of 70K routers
Researchers at Black Lotus Labs have tracked down a malware variant that has been flying under the radar for two years: AVrecon. The team, part of Lumen Technologies, talks about one of the biggest malware plagues that have targeted SOHO routers.
Black Lotus Labs followed AVrecon for 28 days to ...
DDoS attacks changing from targeting IoT to VPS infrastructure
This new generation of botnets uses leaked API credentials or known exploits to enslave vulnerable and misconfigured Virtual Private Servers, allowing threat actors to build high-performance botnets that are up to 5,000 times stronger than their IoT-based counterparts.
According to Cloudflare, t...