Found 81 bookmarks
Custom sorting
FritzFrog: P2P Botnet Hops Back on the Scene
FritzFrog: P2P Botnet Hops Back on the Scene
FritzFrog is a peer-to-peer botnet, which means its command and control server is not limited to a single, centralized machine, but rather can be done from every machine in its distributed network. In other words, every host running the malware process becomes part of the network, and is capable of sending, receiving, and executing the commands to control machines in the network.
#FritzFrog#botnet#EN#Akamai
·akamai.com·
FritzFrog: P2P Botnet Hops Back on the Scene
District of Puerto Rico | Russian and Moldovan National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World | United States Department of Justice
District of Puerto Rico | Russian and Moldovan National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World | United States Department of Justice
A Russian and Moldovan national pled guilty to three counts of violating 18 U.S.C. § 1030(a)(5)(A) Fraud and Related Activity in Connection with Computers. The FBI today revealed US law enforcement’s dismantlement of a botnet proxy network and its infrastructure associated with the IPStorm malware. According to online reports, the botnet infrastructure had infected Windows systems then further expanded to infect Linux, Mac, and Android devices, victimizing computers and other electronic devices around the world, including in Asia, Europe, North America and South America.
#justice.gov#EN#2023#IPStorm#botnet#proxy#arrested
·justice.gov·
District of Puerto Rico | Russian and Moldovan National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World | United States Department of Justice
“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts
“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts
Facebook’s Messenger platform has been heavily abused in the past month to spread endless messages with malicious attachments from a swarm of fake and hijacked personal accounts. These threat actors are targeting millions of business accounts on Facebook’s platform — from highly-rated marketplace sellers to large corporations, with fake business inquiries, achieving a staggering “success rate” with approximately 1 out of 70 infected!
#labs.guard.io#EN#2023#Messenger#Facebook#Phishing#Attack#Botnet
·labs.guard.io·
“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts
A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information
A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information
DGA is one of the classic techniques for botnets to hide their C2s, attacker only needs to selectively register a very small number of C2 domains, while for the defenders, it is difficult to determine in advance which domain names will be generated and registered.
#netlab360#EN#2022#Orchard#botnet#C2#bitcoin#domains
·blog.netlab.360.com·
A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information
FritzFrog: P2P Botnet Hops Back on the Scene
FritzFrog: P2P Botnet Hops Back on the Scene
FritzFrog is a peer-to-peer botnet, which means its command and control server is not limited to a single, centralized machine, but rather can be done from every machine in its distributed network. In other words, every host running the malware process becomes part of the network, and is capable of sending, receiving, and executing the commands to control machines in the network.
#FritzFrog#botnet#EN#Akamai
·akamai.com·
FritzFrog: P2P Botnet Hops Back on the Scene
Zerobot – New Go-Based Botnet Campaign Targets Multiple Vulnerabilities
Zerobot – New Go-Based Botnet Campaign Targets Multiple Vulnerabilities
FortiGuardLabs examines a botnet known as Zerobot written in the Go language targeting IoT vulnerabilities. Read our blog to learn about how it evolves, including self-replication, attacks for different protocols, and self-propagation as well as its behavior once inside an infected device.
#fortinet#EN#2022#vulnerabilities#Botnet#iot-security#Zerobot#Go#Threat-Research#malware-research#malware-analysis
·fortinet.com·
Zerobot – New Go-Based Botnet Campaign Targets Multiple Vulnerabilities
Fodcha Is Coming Back, Raising A Wave of Ransom DDoS
Fodcha Is Coming Back, Raising A Wave of Ransom DDoS
Background On April 13, 2022, 360Netlab first disclosed the Fodcha botnet. After our article was published, Fodcha suffered a crackdown from the relevant authorities, and its authors quickly responded by leaving "Netlab pls leave me alone I surrender" in an updated sample.No surprise, Fodcha's authors didn't really stop updating after the fraudulent surrender, and soon a new version was released. In the new version, the authors of Fodcha redesigned the communication protocol and started to us
#netlab360#EN#2022#Fodcha#botnet#DDoS
·blog.netlab.360.com·
Fodcha Is Coming Back, Raising A Wave of Ransom DDoS
Archive Sidestepping: Emotet Botnet Pushing Self-Unlocking Password-Protected RAR
Archive Sidestepping: Emotet Botnet Pushing Self-Unlocking Password-Protected RAR
Trustwave SpiderLabs’ spam traps have identified an increase in threats packaged in password-protected archives with about 96% of these being spammed by the Emotet Botnet. In the first half of 2022, we identified password-protected ZIP files as the third most popular archive format used by cybercriminals to conceal malware.
#trustwave#en#2022#Emotet#botnet#self-unlocking#rar#analysis#spam#archives
·trustwave.com·
Archive Sidestepping: Emotet Botnet Pushing Self-Unlocking Password-Protected RAR
Mēris botnet, climbing to the record
Mēris botnet, climbing to the record
End of June 2021, Qrator Labs started to see signs of a new assaulting force on the Internet – a botnet of a new kind. That is a joint research we conducted together with Yandex to elaborate on the specifics of the DDoS attacks enabler emerging in almost real-time.
#qrator#EN#2021#DDoS#botnet#Analysis
·blog.qrator.net·
Mēris botnet, climbing to the record
A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information
A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information
DGA is one of the classic techniques for botnets to hide their C2s, attacker only needs to selectively register a very small number of C2 domains, while for the defenders, it is difficult to determine in advance which domain names will be generated and registered.
#netlab360#EN#2022#Orchard#botnet#C2#bitcoin#domains
·blog.netlab.360.com·
A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information
So RapperBot, What Ya Bruting For?
So RapperBot, What Ya Bruting For?
In June 2022, FortiGuard Labs encountered IoT malware samples with SSH-related strings, something not often seen in other IoT threat campaigns. What piqued our interest more was the size of the code referencing these strings in relation to the code used for DDoS attacks, which usually comprises most of the code in other variants.
#fortinet#EN#2022#RapperBot#research#threat#IoT#Mirai#SSH-2.0-HELLOWORLD#botnet
·fortinet.com·
So RapperBot, What Ya Bruting For?
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices - Microsoft Security Blog
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices - Microsoft Security Blog
Observing a 254% increase in activity over the last six months from a versatile Linux trojan called XorDdos, the Microsoft 365 Defender research team provides in-depth analysis into this stealthy malware's capabilities and key infection signs.
#microsoft-security-blog#2022#EN#Linux#XorDdos#botnet#malware#stealthy
·microsoft.com·
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices - Microsoft Security Blog
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covers the evolution of the threat, how it spreads, and how it impacts organizations. Part 2 is a deep dive on the attacker behavior and will provide investigation guidance.
#microsoft#2021#LemonDuck#lemoncat#EN#malware#botnet#infrastructure
·microsoft.com·
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
FritzFrog: P2P Botnet Hops Back on the Scene
FritzFrog: P2P Botnet Hops Back on the Scene
FritzFrog is a peer-to-peer botnet, which means its command and control server is not limited to a single, centralized machine, but rather can be done from every machine in its distributed network. In other words, every host running the malware process becomes part of the network, and is capable of sending, receiving, and executing the commands to control machines in the network.
#FritzFrog#botnet#EN#Akamai
·akamai.com·
FritzFrog: P2P Botnet Hops Back on the Scene