Advertising, DDOS, Internet and IoT - Cyber Security Informer

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Krebs on Security

SEPTEMBER 10, 2021

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. But on Thursday DDoS protection firm Qrator Labs identified the culprit — “Meris” — a new IoT monster that first emerged at the end of June 2021. In its Aug.

IoT

IoT DDOS Internet Internet

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

Researchers warn of several DDoS botnets exploiting a critical flaw tracked as CVE-2023-28771 in Zyxel devices. Fortinet FortiGuard Labs researchers warned of multiple DDoS botnets exploiting a vulnerability impacting multiple Zyxel firewalls. Mirai botnets are frequently used to conduct DDoS attacks.”

DDOS

DDOS Firmware VPN Firewall

Developer of DDoS Mirai based botnets sentenced to prison

Security Affairs

JUNE 26, 2020

A man accused to have developed distributed denial of service (DDoS) botnets based on the Mirai botnet was sentenced to 13 months in federal prison. Schuchman compromised hundreds of thousands of IoT devices, including home routers and IP cameras, to create multiple DDoS IoT botnets that he rented to carry out the attacks.

DDOS

DDOS IoT Advertising Internet

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

The FBI issued an alert last week warning about the discovery of new network protocols that have been exploited to launch large-scale DDoS attacks. The Federal Bureau of Investigation sent an alert last week warning about large-scale distributed denial of service (DDoS) attacks that abused new network protocols. continues the report.

DDOS

DDOS IoT Internet Internet

Kaiji, a new Linux malware targets IoT devices in the wild

Security Affairs

MAY 5, 2020

Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. Last week, the popular security researcher MalwareMustDie and the experts at Intezer Labs spotted a new piece of malware dubbed Kaiji, that is targeting IoT devices via SSH brute-force attacks.

IoT

IoT Malware DDOS Advertising

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. According to ZDNet that first published the news, the list was leaked on a popular hacking forum by the operator of a DDoS booter service. ” reported ZDNet. Pierluigi Paganini.

IoT

IoT DDOS InfoSec Internet

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. Pierluigi Paganini.

IoT

IoT Firmware DNS Advertising

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities. IoT is a complicated concept.

IoT

IoT Cybersecurity Manufacturing Internet

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. reads the analysis published by the experts. ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

Creator of multiple IoT botnets, including Satori, pleaded guilty

Security Affairs

SEPTEMBER 4, 2019

Kenneth Currin Schuchman (21) from Vancouver, Washington pleaded guilty to creating and operating multiple DDoS IoT botnet , including Satori. Kenneth Currin Schuchman (21) from Vancouver, Washington, aka Nexus Zeta, pleaded guilty to creating and operating multiple DDoS IoT botnets.

IoT

IoT DDOS Internet Internet

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack.

Scams

Scams DDOS Cryptocurrency Accountability

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Do the increased attacks mean the industry is becoming accustomed to IoT cyber attacks? Insights from VDOO’s leadership.

IoT

IoT Manufacturing Internet Internet

Dutch police shut down bulletproof service hosting tens of DDoS botnets

Security Affairs

OCTOBER 3, 2019

Dutch police seized a bulletproof hosting service in a major takedown, the infrastructure was used by tens of IoT botnets involved in DDoS attacks. The servers were hosted at an unnamed data center in Amsterdam, it was used by tens of IoT botnets involved in DDoS attacks worldwide. ” continues the statement.

DDOS

DDOS IoT Cybercrime Advertising

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

The botnet borrows the code from Tsunami and Gafgyt botnets, it expanded the list of targeted devices and added new distributed denial of service (DDoS) capabilities. In the first week of May, the experts also spotted a Mirai variant using the same exploit, but this samples don’t contain any DDoS capabilities. Pierluigi Paganini.

IoT

IoT DDOS Authentication Advertising

A few dollars to bring down sites with new Bushido-based DDoS-for-hire service

Security Affairs

OCTOBER 27, 2018

Security researchers at FortiGuard Labs have discovered a new DDoS-for-hire service called “ 0x-booter” built with leaked code that implements an easy to use interface. “ 0x-booter ” first appeared on October 17, 2018, a post published on Facebook advertises over 500 Gbps of power and 20,000 bots. ” .

DDOS

DDOS IoT Advertising Hacking

Chalubo, a new IoT botnet emerges in the threat landscape

Security Affairs

OCTOBER 23, 2018

Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. The IoT malware ran only on systems with an x86 architecture. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Architecture Malware

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

Security experts from Kaspersky have published an interesting report on the new trends in the IoT threat landscape. What is infecting IoT devices and how? The researchers set up a honeypot to collect data on infected IoT devices, the way threat actors infect IoT devices and what families of malware are involved.

IoT

IoT Passwords Malware Advertising

M2M protocols can be abused to attack IoT and IIoT systems

Security Affairs

DECEMBER 4, 2018

Security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. attackers abuse M2M protocols to target IoT and IIoT devices. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Internet Internet Advertising

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

SEPTEMBER 10, 2019

A security researcher disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack systems without any user interaction. Kunz and his colleagues were able to brute-force the IoT radio in just 10 minutes and achieve root access with full privileges. . Pierluigi Paganini.

IoT

IoT Hacking Firmware Advertising

Torii botnet, probably the most sophisticated IoT botnet of ever

Security Affairs

SEPTEMBER 29, 2018

Avast spotted a new IoT botnet, tracked as Torii, that appears much more sophisticated and stealth of the numerous Mirai variants previously analyzed. Security researchers spotted a new IoT botnet, tracked as Torii, that appears much more sophisticated and stealth of the numerous Mirai variants previously analyzed. Pierluigi Paganini.

IoT

IoT Architecture Advertising DDOS

Shellbot Botnet Targets IoT devices and Linux servers

Security Affairs

NOVEMBER 5, 2018

“The group distributes the bot by exploiting a common command injection vulnerability on internet of things (IoT) devices and Linux servers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT

IoT Advertising DDOS Malware

Law enforcement and Microsoft join forces to dismantle botnet using LED Light Control Console

Security Affairs

APRIL 20, 2020

Threat actors used the consoles to deliver malware and ransomware through an IoT botnet that was also used to launch distributed denial-of-service (DDoS) attacks. “One particular IP was associated with dozens of activities related to the distribution of malware, phishing emails, ransomware, and DDoS attacks.”

IoT

IoT DDOS Advertising Malware

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs

JULY 14, 2020

Researchers spotted a new version of the Mirai IoT botnet that includes an exploit for a vulnerability affecting Comtrend routers. Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers.

IoT

IoT Advertising DDOS Authentication

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Security Affairs

DECEMBER 8, 2021

The company states that the attacker can exploit the flaw only if he has access to the device network or the device has direct interface with the Internet. It tries to drop a downloader that exhibits infection behavior and that also executes Moobot, which is a DDoS botnet based on Mirai.”

Firmware

Firmware DDOS Malware IoT

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected systems, such as routers, IoT devices, and servers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Architecture

Architecture IoT Malware Advertising

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service.

Malware

Malware VPN Internet Internet

Security Affairs newsletter Round 283

Security Affairs

SEPTEMBER 27, 2020

fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS? fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS?

IoT

IoT Banking Advertising Ransomware

A new development shows a potential shift to using Mirai to target enterprises

Security Affairs

MARCH 18, 2019

PaloAlto Networks researchers discovered a new variant of the infamous Mirai botnet is targeting IoT devices belonging to businesses. Researchers at PaloAlto Networks spotted a new variant of the infamous Mirai botnet is targeting IoT devices belonging to businesses. SecurityAffairs – Mirai, IoT). Pierluigi Paganini.

IoT

IoT Wireless DDOS Advertising

The Mystery of Fbot

Security Affairs

JANUARY 21, 2020

This is not the first time Fbot analysis has been published, and also Fbot binaries have been actively infecting the IoT devices since way before 2018. This wave is a significant timeline as a technology step-up for DDoS botnet and IoT malware development. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS IoT Malware Advertising

We infiltrated an IRC botnet. Here’s what we found

Security Affairs

NOVEMBER 19, 2020

Infiltrating a cybercriminal operation can provide valuable data about different types of malicious activities, including DDoS attacks , malware distribution, and more. They’re relatively easy to take down and there are far larger botnets powered by newer technologies such as the Internet of Things (IoT).

DDOS

DDOS IoT Malware Internet

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

There is also ample evidence to suggest that Glupteba may have spawned Meris , a massive botnet of hacked Internet of Things (IoT) devices that surfaced in September 2021 and was responsible for some of the largest and most disruptive distributed denial-of-service (DDoS) attacks the Internet has ever seen. But on Dec.

Passwords

Passwords Malware Internet Internet

British hacker sentenced to jail for attack on Liberian Telecoms firms

Security Affairs

JANUARY 11, 2019

An employee of the rival firm Cellcom paid Kaye to carry out a DDoS attack on the Liberian phone and internet provider Lonestar. Daniel Kaye admitted that the DDoS attack aimed at the African telco company inadvertently isolated Liberia from the Internet. SecurityAffairs – Liberia, DDoS). ” reported the BBC.

DDOS

DDOS Telecommunications Advertising Internet

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

.” The analysis of the bot revealed that it supports seven functions: reverse shell, self-uninstall, gather process’ network information, gather Bot information, execute system commands, run encrypted files specified in URLs, DDoS attack, etc. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS System Administration Advertising DNS

Naming & Shaming Web Polluters: Xiongmai

Krebs on Security

OCTOBER 9, 2018

What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? Since then, two of those firms — Huawei and Dahua — have taken steps to increase the security of their IoT products out-of-the-box. Source: xiongmaitech.com. BLANK TO BANK.

Computers and Electronics

Computers and Electronics IoT Passwords Internet

New Miori botnet has a unique protocol for C2 communication

Security Affairs

JULY 12, 2019

The Miori bot targets IoT devices having SSH and Telnet services exposed online and that are poorly secured. The Miori botnet , similarly to other Mirai variants is used to launch DDoS attacks, it supports both TCP and UDP flood attacks. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Encryption Malware

Recently discovered DemonBot Botnet targets Hadoop servers

Security Affairs

OCTOBER 29, 2018

Security experts from Radware have spotted a new botnet dubbed DemonBot that it targeting Hadoop clusters to launch DDoS attacks against third parties. ” Even if the binary is compatible with most known Internet of Things (IoT) devices, the bot was not observed targeting smart objects until now. Pierluigi Paganini.

IoT

IoT Malware Advertising DDOS

New AVrecon botnet remained under the radar for two years while targeting SOHO Routers

Security Affairs

JULY 14, 2023

Threat actors behind the campaign aimed at building a botnet to use for a range of criminal activities from password spraying to digital advertising fraud. .”” reads the analysis published by Lumen. The AVrecon malware was written in C to ensure portability and designed to target ARM-embedded devices. ” concludes the report.

Malware

Malware Advertising Cybercrime Passwords

New Gafgyt botnet targets Gaming Servers

Security Affairs

NOVEMBER 3, 2019

Gafgyt is a popular choice for launching large-scale DDoS attacks and it has been around since 2014, the latest variant borrows the code from the JenX botnet. Al the flaws are old, this means that attackers aim at infecting unpatched IoT devices. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Wireless

Wireless IoT DDOS Engineering

Hacker is targeting DNA sequencer applications from Iranian IP address

Security Affairs

JUNE 17, 2019

The attackers are scanning the Internet for dnaLIMS , a web-based application to handle DNA sequencing operations, these devices are used in the research industry. Unlike an IPCamera or Router based IoT device, these are very unique devices installed in scientific ,academic and medical institutions. IP address that is located in Iran.

DDOS

DDOS Advertising IoT Marketing

New Mirai botnet hides C2 server in the Tor network to prevent takedowns

Security Affairs

AUGUST 1, 2019

Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive attacks aimed at Internet of Things (IoT) devices. Experts also identified a byte sequence indicative of a DDoS command sent from the C&C server via a UDP flood attack to target a specific IP address. Pierluigi Paganini.

Architecture

Architecture IoT Malware Advertising

USB drives are primary vector for destructive threats to industrial facilities

Security Affairs

NOVEMBER 5, 2018

. “Of those threats blocked by SMX, 1 in 4 (26%) had the potential to cause a major disruption to an industrial control environment, including loss of view or loss of control, and 16% were targeted specifically against Industrial Control System (ICS) or Internet of Things (IoT) systems.” ” continues the report.

Malware

Malware IoT Advertising Data collection

2020 Predictions: New Challenges for Data Privacy and the 5G Hackathon

Thales Cloud Protection & Licensing

JANUARY 14, 2020

The adoption of emerging technologies like 5G will fuel the proliferation of Internet of Things (IoT) that’s often built with only a few security controls and therefore creating a larger attack surface that enterprises have to deal with., 5G tech will make the IoT a greater part of our everyday lives. Conclusion.

Data privacy

Data privacy IoT Data breaches Surveillance

Security Affairs newsletter Round 193 – News of the week

Security Affairs

DECEMBER 23, 2018

5 IoT Security Predictions for 2019. Law enforcement take down 15 DDoS-for-Hire services. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Advertising DDOS IoT

Mirai authors avoid the jail by helping US authorities in other investigations

Security Affairs

SEPTEMBER 19, 2018

The three men, Josiah White (21) of Washington, Pennsylvania; Paras Jha (22), of Fanwood, New Jersey, and Dalton Norman (22), of Metairie, Louisiana , pleaded guilty in December 2017 to developing and running the dreaded Mirai botnet that was involved in several massive DDoS attacks. Pierluigi Paganini.

Cybercrime

Cybercrime DDOS Cryptocurrency Advertising

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Multiple DDoS botnets were observed targeting Zyxel devices

Trending Sources

Developer of DDoS Mirai based botnets sentenced to prison

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Kaiji, a new Linux malware targets IoT devices in the wild

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

New Ttint IoT botnet exploits two zero-days in Tenda routers

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Mozi Botnet is responsible for most of the IoT Traffic

Creator of multiple IoT botnets, including Satori, pleaded guilty

Interview With a Crypto Scam Investment Spammer

5 IoT Security Predictions for 2019

Dutch police shut down bulletproof service hosting tens of DDoS botnets

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

A few dollars to bring down sites with new Bushido-based DDoS-for-hire service

Chalubo, a new IoT botnet emerges in the threat landscape

Evolution of threat landscape for IoT devices – H1 2018

M2M protocols can be abused to attack IoT and IIoT systems

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Torii botnet, probably the most sophisticated IoT botnet of ever

Shellbot Botnet Targets IoT devices and Linux servers

Law enforcement and Microsoft join forces to dismantle botnet using LED Light Control Console

New Mirai variant includes exploit for a flaw in Comtrend Routers

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

New HEH botnet wipes devices potentially bricking them

Who and What is Behind the Malware Proxy Service SocksEscort?

Security Affairs newsletter Round 283

A new development shows a potential shift to using Mirai to target enterprises

The Mystery of Fbot

We infiltrated an IRC botnet. Here’s what we found

The Link Between AWM Proxy & the Glupteba Botnet

British hacker sentenced to jail for attack on Liberian Telecoms firms

Roboto, a new P2P botnet targets Linux Webmin servers

Naming & Shaming Web Polluters: Xiongmai

New Miori botnet has a unique protocol for C2 communication

Recently discovered DemonBot Botnet targets Hadoop servers

New AVrecon botnet remained under the radar for two years while targeting SOHO Routers

New Gafgyt botnet targets Gaming Servers

Hacker is targeting DNA sequencer applications from Iranian IP address

New Mirai botnet hides C2 server in the Tor network to prevent takedowns

USB drives are primary vector for destructive threats to industrial facilities

2020 Predictions: New Challenges for Data Privacy and the 5G Hackathon

Security Affairs newsletter Round 193 – News of the week

Mirai authors avoid the jail by helping US authorities in other investigations

Stay Connected