Security Affairs

OCTOBER 5, 2020

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands. The vulnerability was detailed in July 2020 by the security researchers Sanjana Sarda. ” concludes the report.

IoT 139

IoT Firmware DNS Advertising 139

SecureList

SEPTEMBER 21, 2023

Dark web services: DDoS attacks, botnets, and zero-day IoT vulnerabilities Of all IoT-related services offered on the dark web, DDoS attacks are worth examining first. See translation I’m the world’s best-known DDoS attacker for hire (getting ahead of myself here). Botnet based on Medusa, working since 2020.

IoT 101

IoT DDOS Passwords Malware 101

Security Affairs

NOVEMBER 1, 2021

The botnet was created to launch DDoS attacks and to insert advertisements in the legitimate HTTP traffic of the victims, most of which are in China (96%). On 2020-01-02, CNCERT reported that “the number of Bot node IP addresses associated with this botnet exceeds 5 million. million devices.

Architecture 124

Architecture DDOS Advertising DNS 124

SecureList

FEBRUARY 16, 2021

In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface. The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent.

DDOS 136

DDOS Cryptocurrency Marketing Internet 136

SecureList

NOVEMBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 101

Malware Banking Energy and Utilities Accountability 101

SecureList

APRIL 27, 2022

Subsequently, DDoS attacks hit several government websites. In 2020, we published private reports featuring LODEINFO, a sophisticated fileless malware first mentioned in a blogpost from JPCERT/CC3. ToddyCat, a relatively new APT actor, is responsible for multiple attacks detected since December 2020. in June 2021.

Malware 137

Malware Firmware Government Phishing 137

eSecurity Planet

FEBRUARY 16, 2021

Attackers often use botnets to send out spam or phishing campaigns to carry out distributed denial of service (DDoS) attacks. With over 600,000 devices, this botnet exposed just how vulnerable IoT devices could be and led to the IoT Cybersecurity Improvement Act of 2020. Firmware rootkit. DDoS trojan. with no internet.

Malware 105

Malware Adware Spyware Antivirus 105