HackDig : Dig high-quality web security articles for hackers

XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers 

Insights and analysis by Augusto Remillano II With additional analysis by Patrick Noel Collado and Karen Ivy Titiwa We have recently detected variants of two existing Linux botnet malware types targeting exposed Docker servers; these are XORDDoS malware (detected by Trend Micro as Backdoor.Linux.XORDDOS.AE) and Kaiji DDoS malware (detected by Trend Micro as
Publish At:2020-06-23 02:01 | Read:106 | Comments:0 | Tags:Botnets Cloud botnet DDoS Docker Kaiji XORDDoS DDOS

Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers

By Raphael Centeno and Llallum Victoria With additional insights from Bren Matthew Ebriega Cybercriminals are taking advantage of “the new normal” — involving employees’ remote working conditions and the popularity of user-friendly online tools — by abusing and spoofing popular legitimate applications to infect systems with malicious routines. We found two m
Publish At:2020-05-24 07:47 | Read:212 | Comments:0 | Tags:Bad Sites Botnets Malware application backdoor botnet Devil

DDoS attacks in Q1 2020

News overview Since the beginning of 2020, due to the COVID-2019 pandemic, life has shifted almost entirely to the Web — people worldwide are now working, studying, shopping, and having fun online like never before. This is reflected in the goals of recent DDoS attacks, with the most targeted resources in Q1 being websites of medical organizations, delivery
Publish At:2020-05-18 12:12 | Read:223 | Comments:0 | Tags:DDoS reports Featured Botnets DDoS-attacks Internet of Thing

Player vs. Hacker: Cyberthreats to Gaming Companies and Gamers

The video gaming landscape has changed drastically over the past few decades. Some of these changes have led to considerable developments in the cyberthreat landscape as it applies to gaming companies, the games themselves and the user base that enjoys them. Integration of the cloud, mobile apps and social networks, the diversity of games and platforms, th
Publish At:2020-03-16 10:45 | Read:592 | Comments:0 | Tags:Application Security Software & App Vulnerabilities Threat I

Roaming Mantis, part V

Kaspersky has continued to track the Roaming Mantis campaign. The group’s attack methods have improved and new targets continuously added in order to steal more funds. The attackers’ focus has also shifted to techniques that avoid tracking and research: whitelist for distribution, analysis environment detection and so on. We’ve also observe
Publish At:2020-02-27 10:41 | Read:547 | Comments:0 | Tags:APT reports Featured Botnets Google Android Malware Descript

Banking Trojans and Ransomware — A Treacherous Matrimony Bound to Get Worse

The financial malware arena became a mainstream issue a little over a decade ago with the rise of malware like the Zeus Trojan, which at the time was the first commercial banking Trojan available to the cybercrime world. We have come a long way since, and the past decade saw banking Trojans become increasingly sophisticated, specialized and exclusive, operat
Publish At:2020-02-18 09:32 | Read:539 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Botnets Cybercrim

AZORult spreads as a fake ProtonVPN installer

AZORult has its history. However, a few days ago, we discovered what appears to be one of its most unusual campaigns: abusing the ProtonVPN service and dropping malware via fake ProtonVPN installers for Windows. Screenshot of a fake ProtonVPN website The campaign started at the end of November 2019 when the threat actor behind it registered a new domain und
Publish At:2020-02-18 06:35 | Read:709 | Comments:0 | Tags:Featured Incidents Botnets Cryptocurrencies Data theft Malve

What Is a DDoS Attack?

After 20 years of prominence, distributed denial-of-service (DDoS) attacks may be causing more devastating effects than ever. The first DDoS attack occurred way back on July 22, 1999 when a network of 114 computers infected with a malicious script called Trin00 attacked a computer at the University of Minnesota, according to MIT Technology Review. The infect
Publish At:2020-02-15 17:18 | Read:568 | Comments:0 | Tags:Network Security Intelligence & Analytics Application Securi

DDoS attacks in Q4 2019

News overview In the past quarter, DDoS organizers continued to harness non-standard protocols for amplification attacks. In the wake of WS-Discovery, which we covered in the previous report, cybercriminals turned to Apple Remote Management Service (ARMS), part of the Apple Remote Desktop (ARD) application for remote administration. The first attacks using A
Publish At:2020-02-15 12:54 | Read:611 | Comments:0 | Tags:DDoS reports Featured Botnets DDoS-attacks DNS Amplification

DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet

by Aliakbar Zahravi  We recently found notable malware activity affecting devices running Linux, a platform that has battled numerous issues just this year. Further analysis of retrieved malware samples revealed that these actions were connected to a botnet called Momentum (named for the image found in its communication channel). We found new details on the
Publish At:2019-12-16 14:35 | Read:1132 | Comments:0 | Tags:Botnets Exploits Internet of Things botnet IOT Momentum rout

More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting

By Feike Hacquebord, Cedric Pernet, and Kenney Lu The threat group regularly referred to as APT33 is known to target the oil and aviation industries aggressively. This threat group has been reported on consistently for years, but our recent findings show that the group has been using about a dozen live Command and Control (C&C) servers for extremely narr
Publish At:2019-11-14 03:20 | Read:915 | Comments:0 | Tags:Botnets Targeted Attacks APT APT33 botnet phishing VPN

DDoS attacks in Q3 2019

News overview This past quarter we observed a new DDoS attack that confirmed our earlier hypothesis regarding attacks through the Memcached protocol. As we surmised, the attackers attempted to use another, rather exotic protocol to amplify DDoS attacks. Experts at Akamai Technologies recently registered an attack on one of their clients that was carried out
Publish At:2019-11-12 01:05 | Read:976 | Comments:0 | Tags:DDoS reports Featured Botnets DDoS-attacks DNS Amplification

IoT: a malware story

Since 2008, cyber-criminals have been creating malware to attack IoT-devices, such as routers and other types of network equipment. You will find a lot of statistics on this on Securelist, most notably, here and here. The main problem with these IoT/embedded devices is that one simply cannot install any kind of security software. How do we deal with that? Th
Publish At:2019-10-15 06:20 | Read:1301 | Comments:0 | Tags:Featured Malware reports Backdoor Botnets honeypot Internet

New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign

By Jaromir Horejsi and Joseph C. Chen (Threat Researchers) We found a new modular fileless botnet malware, which we named “Novter,” (also reported and known as “Nodersok” and “Divergent”) that the KovCoreG campaign has been distributing since March. We’ve been actively monitoring this threat since its emergence and early development, and saw it being frequen
Publish At:2019-10-01 08:20 | Read:2473 | Comments:0 | Tags:Bad Sites Botnets Malware botnet KovCoreG malvertising Nodst

Emotet malspam campaign uses Snowden’s new book as lure

Exactly one week ago, Emotet, one of the most dangerous threats to organizations in the last year, resumed its malicious spam campaigns after several months of inactivity. Based on our telemetry, we can see that the botnet started becoming chatty with its command and control servers (C2), about a week or so before the spam came through. Figure 1: Communic
Publish At:2019-09-23 23:25 | Read:1417 | Comments:0 | Tags:Botnets botnet botnets Edward Snowden emotet macros malspam

Announce

Share high-quality web security related articles with you:)

Tools