HackDig : Dig high-quality web security articles for hacker

More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting

By Feike Hacquebord, Cedric Pernet, and Kenney Lu The threat group regularly referred to as APT33 is known to target the oil and aviation industries aggressively. This threat group has been reported on consistently for years, but our recent findings show that the group has been using about a dozen live Command and Control (C&C) servers for extremely narr
Publish At:2019-11-14 03:20 | Read:103 | Comments:0 | Tags:Botnets Targeted Attacks APT APT33 botnet phishing VPN

DDoS attacks in Q3 2019

News overview This past quarter we observed a new DDoS attack that confirmed our earlier hypothesis regarding attacks through the Memcached protocol. As we surmised, the attackers attempted to use another, rather exotic protocol to amplify DDoS attacks. Experts at Akamai Technologies recently registered an attack on one of their clients that was carried out
Publish At:2019-11-12 01:05 | Read:80 | Comments:0 | Tags:DDoS reports Featured Botnets DDoS-attacks DNS Amplification

IoT: a malware story

Since 2008, cyber-criminals have been creating malware to attack IoT-devices, such as routers and other types of network equipment. You will find a lot of statistics on this on Securelist, most notably, here and here. The main problem with these IoT/embedded devices is that one simply cannot install any kind of security software. How do we deal with that? Th
Publish At:2019-10-15 06:20 | Read:198 | Comments:0 | Tags:Featured Malware reports Backdoor Botnets honeypot Internet

New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign

By Jaromir Horejsi and Joseph C. Chen (Threat Researchers) We found a new modular fileless botnet malware, which we named “Novter,” (also reported and known as “Nodersok” and “Divergent”) that the KovCoreG campaign has been distributing since March. We’ve been actively monitoring this threat since its emergence and early development, and saw it being frequen
Publish At:2019-10-01 08:20 | Read:405 | Comments:0 | Tags:Bad Sites Botnets Malware botnet KovCoreG malvertising Nodst

Emotet malspam campaign uses Snowden’s new book as lure

Exactly one week ago, Emotet, one of the most dangerous threats to organizations in the last year, resumed its malicious spam campaigns after several months of inactivity. Based on our telemetry, we can see that the botnet started becoming chatty with its command and control servers (C2), about a week or so before the spam came through. Figure 1: Communic
Publish At:2019-09-23 23:25 | Read:397 | Comments:0 | Tags:Botnets botnet botnets Edward Snowden emotet macros malspam

Emotet is back: botnet springs back to life with new spam campaign

After a fairly long hiatus that lasted nearly four months, Emotet is back with an active spam distribution campaign. For a few weeks, there were signs that the botnet was setting its gears in motion again, as we observed command and control (C2) server activity. But this morning, the Trojan started pumping out spam, a clear indication it’s ready to jum
Publish At:2019-09-20 11:20 | Read:289 | Comments:0 | Tags:Botnets botnet botnets downloader emotet information stealer

DDoS attacks in Q3 2017

News Overview In the third quarter of 2017, the trends of the preceding quarters continued to develop further. The number of DDoS attacks in China, the United States, South Korea and Russia increased, which were reflected in the statistics we gathered for botnets. A sharp surge in the number (more than 450 daily) and power (up to 15.8 million packets per sec
Publish At:2017-11-06 09:20 | Read:3201 | Comments:0 | Tags:DDoS reports Featured Botnets DDoS-attacks Internet of Thing

Miners on the Rise

Miners are a class of malware whose popularity has grown substantially this year. The actual process of cryptocurrency mining is perfectly legal, though there are groups of people who hoodwink unwitting users into installing mining software on their computers, or exploiting software vulnerabilities to do so. This results in threat actors receiving cryptocurr
Publish At:2017-09-12 13:30 | Read:2670 | Comments:0 | Tags:Research Botnets Cryptocurrencies Malware Descriptions Socia

EMOTET Returns, Starts Spreading via Spam Botnet

We first detected the banking malware EMOTET back in 2014, we looked into the banking malware’s routines and behaviors and took note of its information stealing abilities via network sniffing. After a period of relative inactivity, it appears it’s making a comeback with increased activity from new variants (Detected by Trend Micro as TSPY_EMOTET.AUSJLA
Publish At:2017-09-07 22:45 | Read:4052 | Comments:0 | Tags:Botnets Malware botnet EMOTET Trojan

DDoS attacks in Q2 2017

News Overview The second quarter of 2017 saw DDoS attacks being more and more frequently used as a tool for political struggle. The Qatar crisis was accompanied by an attack on the website of Al Jazeera, the largest news network in the area, Le Monde and Le Figaro websites were targeted in the heat of the presidential election in France, and in Great Britain
Publish At:2017-08-01 17:45 | Read:3746 | Comments:0 | Tags:Featured Quarterly Malware Reports Botnets DDoS-attacks Inte

After Big Takedown Efforts, 20 More BankBot Mobile Malware Apps Make It Into Google Play

A flashlight app, fake videos or a fake gaming app? Any one of those could be malicious and harboring a mobile malware app, right there in a trusted official app store. In an ongoing trend, IBM X-Force noted that malicious apps manage to circumvent controls and infiltrate legitimate stores. And this is not about the plethora of adware apps infecting users in
Publish At:2017-07-28 03:30 | Read:4281 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Mobile

Honeypots and the Internet of Things

There were a number of incidents in 2016 that triggered increased interest in the security of so-called IoT or ‘smart’ devices. They included, among others, the record-breaking DDoS attacks against the French hosting provider OVH and the US DNS provider Dyn. These attacks are known to have been launched with the help of a massive botnet made up o
Publish At:2017-06-19 09:35 | Read:4789 | Comments:0 | Tags:Featured Research Backdoor Botnets DDoS-attacks honeypot Int

Dridex: A History of Evolution

The Dridex banking Trojan, which has become a major financial cyberthreat in the past years (in 2015, the damage done by the Trojan was estimated at over $40 million), stands apart from other malware because it has continually evolved and become more sophisticated since it made its first appearance in 2011. Dridex has been able to escape justice for so long
Publish At:2017-05-25 13:15 | Read:4087 | Comments:0 | Tags:Analysis Publications Botnets Financial malware Malware Desc

DDOS attacks in Q1 2017

News Overview Thanks to IoT botnets, DDoS attacks have finally turned from something of a novelty into an everyday occurrence. According to the A10 Networks survey, this year the ‘DDoS of Things’ (DoT) has reached critical mass – in each attack, hundreds of thousands of devices connected to the Internet are being leveraged. The fight against this
Publish At:2017-05-13 11:15 | Read:4772 | Comments:0 | Tags:Analysis Featured Quarterly Malware Reports Botnets DDoS-att

Hajime, the mysterious evolving botnet

Introduction Hajime (meaning ‘beginning’ in Japanese) is an IoT worm that was first mentioned on 16 October 2016 in a public report by RapidityNetworks. One month later we saw the first samples being uploaded from Spain to VT. This worm builds a huge P2P botnet (almost 300,000 devices at the time of publishing this blogpost), but its real purpose
Publish At:2017-04-25 12:00 | Read:7046 | Comments:0 | Tags:Blog Featured Research Botnets honeypot Internet of Things M

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud