HackDig : Dig high-quality web security articles for hackers

A New Botnet Attack Just Mozied Into Town

A relatively new player in the threat arena, the Mozi botnet, has spiked among Internet of things (IoT) devices, IBM X-Force has discovered. This malware has been active since late 2019 and has code overlap with Mirai and its variants. Mozi accounted for nearly 90% of the observed IoT network traffic from October 2019 through June 2020. This startling takeo
Publish At:2020-09-17 09:00 | Read:80 | Comments:0 | Tags:Incident Response Malware Threat Research Botnets Internet o

The Mirai botnet exploits a new vulnerability affecting companies around the world

Malware or malicious code has been around for over 40 years now, but its use to obtain control of a group of Internet-connected systems in something called a ‘botnet’ is a relatively new phenomenon. Botnets have been behind some of the most costly security incidents of the last 10 years and, consequently, companies around the world are going to great lengths
Publish At:2020-08-26 07:50 | Read:157 | Comments:0 | Tags:Business Malware News b2b botnets Mirai vulnerabilities Vuln

DDoS attacks in Q2 2020

News overview: Not just one but two new DDoS amplification methods were discovered last quarter. In mid-May, Israeli researchers reported a new DNS server vulnerability that lurks in the DNS delegation process. The vulnerability exploitation scheme was dubbed “NXNSAttack”. The hacker sends to a legitimate recursive DNS server a request to several
Publish At:2020-08-10 06:01 | Read:251 | Comments:0 | Tags:DDoS reports Featured Botnets Cybercrime DDoS-attacks Malwar

Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902

Update as of 10:00 A.M. PST, July 30, 2020: Our continued analysis of the malware sample showed adjustments to the details involving the URI and Shodan scan parameters. We made the necessary changes in this post. We would like to thank F5 Networks for reaching out to us to clarify these details. With additional insights from Jemimah Molina and Augusto Remill
Publish At:2020-07-31 16:35 | Read:314 | Comments:0 | Tags:Botnets Exploits Vulnerabilities botnet CVE-2020-5902 Exploi

Lazarus on the hunt for big game

We may only be six months in, but there’s little doubt that 2020 will go down in history as a rather unpleasant year. In the field of cybersecurity, the collective hurt mostly crystallized around the increasing prevalence of targeted ransomware attacks. By investigating a number of these incidents and through discussions with some of our trusted indust
Publish At:2020-07-28 17:22 | Read:1143 | Comments:0 | Tags:APT reports Featured Botnets Cybercrime Lazarus Malware Desc

New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173

By Augusto Remillano II and Jemimah Molina. We discovered a new Mirai variant (detected as IoT.Linux.MIRAI.VWISI) that exploits nine vulnerabilities, the most notable of which is CVE-2020-10173 in Comtrend VR-3033 routers, which we have not observed exploited by past Mirai variants. This discovery is a new addition to the Mirai variants that appeared in the past
Publish At:2020-07-11 02:25 | Read:389 | Comments:0 | Tags:Botnets Internet of Things internet of things Mirai exploit

XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers 

Insights and analysis by Augusto Remillano II. With additional analysis by Patrick Noel Collado and Karen Ivy Titiwa. We have recently detected variants of two existing Linux botnet malware types targeting exposed Docker servers; these are XORDDoS malware (detected by Trend Micro as Backdoor.Linux.XORDDOS.AE) and Kaiji DDoS malware (detected by Trend Micro as
Publish At:2020-06-23 02:01 | Read:319 | Comments:0 | Tags:Botnets Cloud botnet DDoS Docker Kaiji XORDDoS DDOS

Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers

By Raphael Centeno and Llallum Victoria. With additional insights from Bren Matthew Ebriega. Cybercriminals are taking advantage of “the new normal” — involving employees’ remote working conditions and the popularity of user-friendly online tools — by abusing and spoofing popular legitimate applications to infect systems with malicious routines. We found two m
Publish At:2020-05-24 07:47 | Read:329 | Comments:0 | Tags:Bad Sites Botnets Malware application backdoor botnet Devil

DDoS attacks in Q1 2020

News overview: Since the beginning of 2020, due to the COVID-2019 pandemic, life has shifted almost entirely to the Web — people worldwide are now working, studying, shopping, and having fun online like never before. This is reflected in the goals of recent DDoS attacks, with the most targeted resources in Q1 being websites of medical organizations, delivery
Publish At:2020-05-18 12:12 | Read:401 | Comments:0 | Tags:DDoS reports Featured Botnets DDoS-attacks Internet of Thing

Player vs. Hacker: Cyberthreats to Gaming Companies and Gamers

The video gaming landscape has changed drastically over the past few decades. Some of these changes have led to considerable developments in the cyberthreat landscape as it applies to gaming companies, the games themselves and the user base that enjoys them. Integration of the cloud, mobile apps and social networks, the diversity of games and platforms, th
Publish At:2020-03-16 10:45 | Read:753 | Comments:0 | Tags:Application Security Software & App Vulnerabilities Threat I

Roaming Mantis, part V

Kaspersky has continued to track the Roaming Mantis campaign. The group’s attack methods have improved and new targets are continuously added in order to steal more funds. The attackers’ focus has also shifted to techniques that avoid tracking and research: whitelist for distribution, analysis environment detection and so on. We’ve also observe
Publish At:2020-02-27 10:41 | Read:833 | Comments:0 | Tags:APT reports Featured Botnets Google Android Malware Descript

Banking Trojans and Ransomware — A Treacherous Matrimony Bound to Get Worse

The financial malware arena became a mainstream issue a little over a decade ago with the rise of malware like the Zeus Trojan, which at the time was the first commercial banking Trojan available to the cybercrime world. We have come a long way since, and the past decade saw banking Trojans become increasingly sophisticated, specialized and exclusive, operat
Publish At:2020-02-18 09:32 | Read:787 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Botnets Cybercrim

AZORult spreads as a fake ProtonVPN installer

AZORult has its history. However, a few days ago, we discovered what appears to be one of its most unusual campaigns: abusing the ProtonVPN service and dropping malware via fake ProtonVPN installers for Windows. [Image: screenshot of a fake ProtonVPN website] The campaign started at the end of November 2019 when the threat actor behind it registered a new domain und
Publish At:2020-02-18 06:35 | Read:849 | Comments:0 | Tags:Featured Incidents Botnets Cryptocurrencies Data theft Malve

What Is a DDoS Attack?

After 20 years of prominence, distributed denial-of-service (DDoS) attacks may be causing more devastating effects than ever. The first DDoS attack occurred way back on July 22, 1999 when a network of 114 computers infected with a malicious script called Trin00 attacked a computer at the University of Minnesota, according to MIT Technology Review. The infect
Publish At:2020-02-15 17:18 | Read:763 | Comments:0 | Tags:Network Security Intelligence & Analytics Application Securi

DDoS attacks in Q4 2019

News overview: In the past quarter, DDoS organizers continued to harness non-standard protocols for amplification attacks. In the wake of WS-Discovery, which we covered in the previous report, cybercriminals turned to Apple Remote Management Service (ARMS), part of the Apple Remote Desktop (ARD) application for remote administration. The first attacks using A
Publish At:2020-02-15 12:54 | Read:778 | Comments:0 | Tags:DDoS reports Featured Botnets DDoS-attacks DNS Amplification
