2018, DDOS, Hacking and Malware - Cyber Security Informer

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS

DDOS Architecture Malware Cybercrime

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Security Affairs

JUNE 26, 2020

A new botnet, tracked as Lucifer, appeared in the threat landscape, it leverages close to a dozen exploits to hack Windows systems. Upon infecting a system the bot turns it into a cryptomining client and could use it to launch distributed denial-of-service (DDoS) attacks. ” reads the report published by the Unit42 team.

DDOS

DDOS Malware Advertising Passwords

Developer of DDoS Mirai based botnets sentenced to prison

Security Affairs

JUNE 26, 2020

A man accused to have developed distributed denial of service (DDoS) botnets based on the Mirai botnet was sentenced to 13 months in federal prison. Schuchman compromised hundreds of thousands of IoT devices, including home routers and IP cameras, to create multiple DDoS IoT botnets that he rented to carry out the attacks.

DDOS

DDOS IoT Advertising Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

PurpleFox malware infected at least 2,000 computers in Ukraine

Security Affairs

FEBRUARY 2, 2024

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. ” reads the alert published by CERT-UA.

Malware

Malware Internet Internet DDOS

Dutch police warn customers of a popular DDoS booter service

Security Affairs

OCTOBER 13, 2021

Dutch police warn customers of a distributed denial-of-service (DDoS) website of stopping using the service to avoid prosecution. Dutch police warn customers of a booter service, abused to carry out distributed denial-of-service (DDoS) attacks, of to stop using it to avoid prosecution. by carrying out DDoS attacks on March 19.

DDOS

DDOS Cybercrime IoT Hacking

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. is cybercrime forum.

Malware

Malware Cybercrime Ransomware Marketing

The Dutch police took down 15 DDoS-for-hire services in a week

Security Affairs

APRIL 13, 2020

Dutch authorities have taken down 15 DDoS-for-hire services in a week, this is another success of law enforcement in the fight against cybercrime. An operation conducted by Dutch authorities last week has shut down 15 DDoS-for-hire services (aka DDoS booters or DDoS stressor), states a press release published by Dutch police.

DDOS

DDOS Cybercrime Advertising Government

M?ris Bot infects MikroTik routers compromised in 2018

Security Affairs

SEPTEMBER 14, 2021

Last week, the Russian Internet giant Yandex has been targeting by the largest DDoS attack in the history of Runet, the Russian Internet designed to be independent of the world wide web and ensure the resilience of the country to an internet shutdown. The DDoS attack was launched by a new DDoS botnet tracked as M?ris

DDOS

DDOS Firewall Passwords Internet

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Experts pointed out that the malware is being actively developed.

Malware

Malware DDOS IoT Cybercrime

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Security Affairs

MAY 1, 2024

Attackers used “super-aged” domains, usually registered before the year 2000, to avoid DNS blocklists and blending in with old malware at the same time The attackers manipulate MX (Mail Exchange) records by injecting fake responses through China’s Great Firewall.

DNS

DNS Firewall DDOS Hacking

Akamai mitigated the largest ever PPS DDoS attack

Security Affairs

JUNE 25, 2020

Akamai announced to have mitigated a record distributed denial-of-service (DDoS) attack that hit a European bank. Akamai revealed that a bank in Europe was hit by a massive distributed denial-of-service (DDoS) attack that peaked a record 809 million packets per second (PPS). Tbps that took place in March 2018. RPS, which is 2.7

DDOS

DDOS Banking Advertising Hacking

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

FEBRUARY 12, 2019

I wrote about the company in 2015 after it suffered a debilitating distributed denial-of-service (DDoS) attack after Romero declined to pay a ransom demand from an online extortion group. Another series of DDoS attacks in 2017 forced VFEmail to find a new hosting provider. based ISP Staminus come to mind).

Hacking

Hacking DDOS Backups Accountability

Orcus RAT Author Charged in Malware Scheme

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware

Malware Advertising Marketing System Administration

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

The researchers set up a honeypot to collect data on infected IoT devices, the way threat actors infect IoT devices and what families of malware are involved. In the first six months of 2018, the experts observed a number of malware samples that was up three times as many samples targeting IoT devices as in the whole of 2017.

IoT

IoT Passwords Malware Advertising

Hackers use hackers spreading tainted hacking tools in long-running campaign

Security Affairs

MARCH 10, 2020

Who is hacking the hackers? Experts from Cybereason a mysterious hackers group is targeting other hackers by spreading tainted hacking tools. Experts from security firm Cybereason warn of a mysterious group of hackers that are distributing trojanized hacking tools on an almost daily basis for the past years.

Hacking

Hacking Malware Advertising DNS

Law enforcement take down 15 DDoS-for-Hire services

Security Affairs

DECEMBER 22, 2018

The Department of Justice (DoJ) announced that the FBI seized 15 domains associated with DDoS-for-hire services. The FBI has seized 15 domains associated with DDoS-for-hire services (aka booters or stressers ) that were used by their customers to launch powerful DDoS attacks. Authorities Take Down 15 DDoS-for-Hire Websites.

DDOS

DDOS Advertising Internet Internet

UK Ad Campaign Seeks to Deter Cybercrime

Krebs on Security

MAY 28, 2020

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. “This is all about showing people there are other paths they can take.” FLATTENING THE CURVE.

Cybercrime

Cybercrime DDOS Advertising Hacking

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Zerobot operators are offering the botnet as a malware-as-a-service model, one domain (zerostresser[.]com) com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December. SecurityAffairs – hacking, botnet). “Since the release of Zerobot 1.1, Pierluigi Paganini.

IoT

IoT DDOS Malware Firmware

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The InfectedSlurs is based on the JenX Mirai malware variant that in 2018 leveraged the Grand Theft Auto videogame community to infect devices.

DDOS

DDOS Wireless Security Intelligence Authentication

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs

APRIL 2, 2022

Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai -based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. SecurityAffairs – hacking, Beastmode botnet).

DDOS

DDOS Firmware Surveillance IoT

Mirai code re-use in Gafgyt

Security Affairs

APRIL 16, 2021

Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “ Gafgyt ,”some of them re-used Mirai code. . Gafgyt (also known as Bashlite) is a prominent malware family for *nix systems, which mainly target vulnerable IoT devices like Huawei routers, Realtek routers and ASUS devices.

Malware

Malware DDOS IoT Firmware

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. In May 2020, Zipper told another Lolzteam member that quot[.]pw pw was their domain. .”

Scams

Scams DDOS Cryptocurrency Accountability

Creator of multiple IoT botnets, including Satori, pleaded guilty

Security Affairs

SEPTEMBER 4, 2019

Kenneth Currin Schuchman (21) from Vancouver, Washington pleaded guilty to creating and operating multiple DDoS IoT botnet , including Satori. Kenneth Currin Schuchman (21) from Vancouver, Washington, aka Nexus Zeta, pleaded guilty to creating and operating multiple DDoS IoT botnets.

IoT

IoT DDOS Internet Internet

The Mystery of Fbot

Security Affairs

JANUARY 21, 2020

In a few days back, the MalwareMustDie team’s security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client. This wave is a significant timeline as a technology step-up for DDoS botnet and IoT malware development.

DDOS

DDOS IoT Malware Advertising

Three Common Cybersecurity Threats Small Businesses Should Be Worried About

SiteLock

AUGUST 27, 2021

No matter how small your business is, you’re not too small to be hacked. You can start by learning about the three common cybersecurity threats that all small business owners should be prepared for: malware, vulnerabilities, and DDoS attacks. Common types of malware. How malware can harm your business. Defacements.

Small Business

Small Business Cybersecurity DDOS Malware

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

Experts defined DirtyMoe as a complex malware that has been designed as a modular system. The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Both PurpleFox and DirtyMoe are still active malware and gaining strength.”

DNS

DNS Cryptocurrency Internet Internet

Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks

Krebs on Security

OCTOBER 26, 2018

The convicted co-author of the highly disruptive Mirai botnet malware strain has been sentenced to 2,500 hours of community service, six months home confinement, and ordered to pay $8.6 At the time, Jha was president and co-founder of ProTraf Solutions , a DDoS mitigation firm that provided just such a service. After the Sept.

DDOS

DDOS Government Malware Internet

Syria-linked APT group SEA targets Android users with COVID19 lures

Security Affairs

APRIL 17, 2020

Syrian hackers are behind a long-running campaign that has been active since January 2018 and that targets Arabic-speaking Android users. “This campaign appears to have been active since the start of January 2018, and targets Arabic-speaking users, likely in Syria and the surrounding region.” ” continues the expert.

Surveillance

Surveillance Telecommunications Mobile Advertising

Moobot botnet is back and targets vulnerable D-Link routers

Security Affairs

SEPTEMBER 7, 2022

The analysis of the code revealed that the MooBot bot will also send heartbeat messages to the C2 server and parse commands from C2 to start a DDoS attack on a specific IP address and port number. SecurityAffairs – hacking, D-Link). ” At the time of the analysis, the C2 server was offline. ” concludes the report.

DDOS

DDOS Encryption Passwords Hacking

DirtyMoe modules expand the bot using worm-like techniques

Security Affairs

MARCH 21, 2022

Experts defined DirtyMoe as a complex malware that has been designed as a modular system. The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The malware implements six methods to generate IPs with the help of a pseudo-random generator.

Malware

Malware Passwords DDOS Internet

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. SecurityAffairs – hacking, Mozi botnet). ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. ” “I am not your A-typical computer geek, Brian,” he wrote in a 2018 email. “I An advertisement for Orcus RAT.

Advertising

Advertising Malware Marketing Software

Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH)

Security Affairs

JULY 4, 2019

The peculiarity of this new piece of malware is the ability to communicate with C2 servers via DNS over HTTPS ( DoH ). The DoH protocol was a new standard proposed in October 2018 and it is currently supported by several publicly available DNS servers. com domain. . Pierluigi Paganini. SecurityAffairs – Godlua backdoor, DoH ).

DNS

DNS Malware Advertising DDOS

New England Biolabs leak sensitive data

Security Affairs

OCTOBER 24, 2023

In 2018, Uber had to pay a high price of $148 million for exposing the personal information of 57 million people worldwide – including driver’s license information – after trying to pay the ransom and keep things quiet. Keeping crucial.env files secure is essential, as they could be used to compromise services and applications.

Data breaches

Data breaches Social Engineering Phishing DDOS

Kaspersky: Attacks on Smart Devices Rise Threefold in 2018

The Security Ledger

SEPTEMBER 19, 2018

Kaspersky researchers observed three times as many malware samples against smart devices in the first half of 2018 than they did in all of 2017, according to new findings. Read the whole entry. »

Malware

Malware DDOS Internet Internet

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

Security Affairs

MARCH 28, 2022

Muhstik is a botnet that is known to use web application exploits to compromise IoT devices, it has been around for at least 2018. Botnet operators monetize their efforts via XMRig combined with DDoS-for-hire services. “The payload used is a variant of Muhstik bot that can be used to launch DDOS attacks.”

DDOS

DDOS IoT Hacking Malware

New Mozi P2P Botnet targets Netgear, D-Link, Huawei routers

Security Affairs

DECEMBER 25, 2019

According to the researchers, in the last months, the botnet was mainly involved in DDoS attacks, experts also noticed that the sample borrows part of code from the Gafgyt malware. The malware spreads by attempting to guess Telnet passwords of target devices and leveraging known exploits. Pierluigi Paganini.

DDOS

DDOS Passwords Wireless Advertising

Top 9 Cybersecurity Challenges SMEs Currently Face

Responsible Cyber

APRIL 8, 2020

Small and mid-sized enterprises (SMEs) are increasingly at risk of cyber-attacks, and often serve as a launch pad for larger threat campaigns, according to Cisco’s 2018 SMB Cybersecurity Report. Eventually, a basic level of knowledge and awareness could mean the difference between being hacked or avoiding the risk altogether.

Cybersecurity

Cybersecurity DDOS Small Business Phishing

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

OCTOBER 11, 2020

” In the past, the US Census has been hit by attacks, such as hacks and DDoS attacks during a 2018 test of census systems attributed to Russia-linked hackers and a 2015 hack attributed to the Anonymous collective. SecurityAffairs – hacking, US Census Bureau). Pierluigi Paganini.

Government

Government Advertising Data collection Hacking

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Krebs on Security

MARCH 22, 2022

years in a Russian penal colony for convincing one of his top affiliates to launch a distributed denial-of-service (DDoS) attack against a competitor that shut down the ticketing system for the state-owned Aeroflot airline. A Google-translated snippet of the hacked ChronoPay Confluence installation. Click to enlarge.

Banking

Banking Marketing DDOS Risk

Group-IB: 14 cyber attacks on crypto exchanges resulted in a loss of $882 million

Security Affairs

OCTOBER 18, 2018

Group-IB has estimated that crypto exchanges suffered a total loss of $882 million due to targeted attacks between 2017 and 2018. According to Group-IB experts, at least 14 crypto exchanges were hacked. Some of the exchanges went bankrupt after the hacks, i.e. Bitcurex, YouBit, Bitgrail. rimeCon conference.

Cyber Attacks

Cyber Attacks Cryptocurrency Phishing Social Engineering

A new development shows a potential shift to using Mirai to target enterprises

Security Affairs

MARCH 18, 2019

Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive attacks aimed at Internet of Things (IoT) devices. Satori , Masuta , Wicked Mirai , JenX , Omni, and the OMG botnet are just the last variants appeared online in 2018. The new Mirai variant targets embedded devices (i.e.

IoT

IoT Wireless DDOS Advertising

Security Affairs newsletter Round 192 – News of the week

Security Affairs

DECEMBER 16, 2018

A new Mac malware combines a backdoor and a crypto-miner. Duke-Cohan sentenced to three years in prison due to false bomb threats and DDoS. Expert devised a new WiFi hack that works on WPA/WPA2. New threat actor SandCat exploited recently patched CVE-2018-8611 0day. Which are the worst passwords for 2018?

DNS

DNS Advertising DDOS Government

Security Affairs newsletter Round 199 – News of the week

Security Affairs

FEBRUARY 3, 2019

Law enforcement worldwide hunting users of DDoS-for-Hire services. Reading the ENISA Threat Landscape Report 2018. CookieMiner Mac Malware steals browser cookies and sensitive Data. Exclusive: spreading CSV Malware via Google Sheets. Imperva mitigated DDoS attack generated 500 Million Packets per Second, the largest ever.

DDOS

DDOS Data breaches Advertising Cybercrime

Enemybot, a new DDoS botnet appears in the threat landscape

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Webinars

Trending Sources

Developer of DDoS Mirai based botnets sentenced to prison

Webinars

PurpleFox malware infected at least 2,000 computers in Ukraine

Dutch police warn customers of a popular DDoS booter service

This Service Helps Malware Authors Fix Flaws in their Code

The Dutch police took down 15 DDoS-for-hire services in a week

M?ris Bot infects MikroTik routers compromised in 2018

EnemyBot malware adds new exploits to target CMS servers and Android devices

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Akamai mitigated the largest ever PPS DDoS attack

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Orcus RAT Author Charged in Malware Scheme

Evolution of threat landscape for IoT devices – H1 2018

Hackers use hackers spreading tainted hacking tools in long-running campaign

Law enforcement take down 15 DDoS-for-Hire services

UK Ad Campaign Seeks to Deter Cybercrime

A new Zerobot variant spreads by exploiting Apache flaws

New InfectedSlurs Mirai-based botnet exploits two zero-days

Beastmode Mirai botnet now includes exploits for Totolink routers

Mirai code re-use in Gafgyt

Interview With a Crypto Scam Investment Spammer

Creator of multiple IoT botnets, including Satori, pleaded guilty

The Mystery of Fbot

Three Common Cybersecurity Threats Small Businesses Should Be Worried About

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks

Syria-linked APT group SEA targets Android users with COVID19 lures

Moobot botnet is back and targets vulnerable D-Link routers

DirtyMoe modules expand the bot using worm-like techniques

Mozi Botnet is responsible for most of the IoT Traffic

Canadian Police Raid ‘Orcus RAT’ Author

Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH)

New England Biolabs leak sensitive data

Kaspersky: Attacks on Smart Devices Rise Threefold in 2018

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

New Mozi P2P Botnet targets Netgear, D-Link, Huawei routers

Top 9 Cybersecurity Challenges SMEs Currently Face

Hackers targeted the US Census Bureau network, DHS report warns

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Group-IB: 14 cyber attacks on crypto exchanges resulted in a loss of $882 million

A new development shows a potential shift to using Mirai to target enterprises

Security Affairs newsletter Round 192 – News of the week

Security Affairs newsletter Round 199 – News of the week

Stay Connected