HackDig : Dig high-quality web security articles

Abcbot and Xanthe botnets have the same origin, experts discovered

Experts linked the C2 infrastructure behind an the Abcbot botnet to a cryptocurrency-mining botnet attack that was uncovered in December 2020. Experts linked the infrastructure used by the Abcbot DDoS botnet to the operations of a cryptocurrency-mining botnet that was uncovered in December 2020. In November Researchers from Qihoo 360’s Netlab security
Publish At:2022-01-10 13:00 | Read:214 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Abcbot botnet Cybe

Abcbot DDoS Botnet Linked to Older Cryptojacking Campaign

The relatively recent Abcbot botnet appears to be operated by the same cybercriminals that launched a Xanthe-based cryptojacking campaign first detailed a couple of years ago, Cado Security says.Xanthe was designed to hijack a computer’s resources to mine for cryptocurrency (it uses XMRig for this), while Abcbot packs distributed denial-of-service (DDoS) cap
Publish At:2022-01-10 12:56 | Read:256 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

A new version of the Abcbot bot targets Chinese cloud providers

Researchers spotted a new botnet named Abcbot hat that mainly targeted Chinese cloud hosting providers over the past months. Security researchers discovered a new botnet, named Abcbot, that focused on Chinese cloud hosting providers over the past months. The list of targeted providers includes Alibaba Cloud, Baidu, Tencent, and Huawei Cloud. In
Publish At:2021-12-22 03:01 | Read:369 | Comments:0 | Tags:Breaking News Cyber Crime Malware Abcbot botnet botnet Cyber

Phorpiex Botnet Hijacked 3,000 Cryptocurrency Transactions

Over the past five years, the Phorpiex botnet has managed to hijack approximately 3,000 cryptocurrency transactions, stealing at least hundreds of thousands of dollars, Check Point says.Around since 2016, the botnet became famous for its large sextortion spam campaigns, and was estimated in 2019 to have infected one million devices worldwide. Despite that, i
Publish At:2021-12-17 12:56 | Read:268 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Phorpiex botnet is back, in 2021 it $500K worth of crypto assets

Experts reported the resurgence of the Phorpiex botnet, in one year it allowed to steal crypto assets worth of half a million dollars. Experts at Check Point Research have monitored the resurgence of the Phorpiex botnet, an old threat that was involved in sextortion spam campaigns, crypto-jacking, cryptocurrency clipping (substituting the original wallet
Publish At:2021-12-17 10:19 | Read:256 | Comments:0 | Tags:Breaking News Cyber Crime Malware cryptocurrency malware Cyb

Phorpiex botnet returns with new tricks making it harder to disrupt

The previously shutdown Phorpiex botnet has re-emerged with new peer-to-peer command and control infrastructure, making the malware more difficult to disrupt.The botnet first launched in 2016 and quickly accumulated a massive army of over 1 million devices over the years.The malware generates revenue for its developers by swapping cryptocurrency addresses co
Publish At:2021-12-16 10:41 | Read:260 | Comments:0 | Tags:Security CryptoCurrency botnet

What SMBs can do to protect against Log4Shell attacks

As you may already know, the business, tech, and cybersecurity industries have been buzzing about Log4Shell (CVE-2021-44228), aka Logjam, the latest software flaw in an earlier version of the Apache Log4j logging utility. As the name suggests, a logger is a piece of software that logs every event that happens in a computer system. The records it produces are
Publish At:2021-12-15 21:01 | Read:328 | Comments:0 | Tags:Exploits and vulnerabilities 0-day Apache logger flaw botnet

Mirai-Based 'Manga' Botnet Targets Recent TP-Link Vulnerability

A newly discovered variant of the Mirai-based Manga botnet is targeting a vulnerability in TP-Link routers that was addressed last month.Tracked as CVE-2021-41653, the bug affects the TL-WR840N EU v5 home wireless router devices running firmware iterations up to version TL-WR840N(EU)_V5_171211. TP-Link released an update that patches the flaw on November 12,
Publish At:2021-12-13 09:00 | Read:389 | Comments:0 | Tags:NEWS & INDUSTRY Malware Vulnerabilities Cybercrime Vulne

Two Linux botnets already exploit Log4Shell flaw in Log4j

Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets. Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. The attempts were carried out by Muhstik and Mi
Publish At:2021-12-13 06:23 | Read:564 | Comments:0 | Tags:Breaking News Hacking Malware Cybercrime hacking news inform

Russian nation sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

A United States court has sentenced to four years in prison for the Russian citizen Oleg Koshkin for his role in Kelihos Botnet development. Oleg Koshkin (41) has been sentenced to 48 months in prison for one count of conspiracy to commit computer fraud and abuse and one count of computer fraud and abuse. Russian national Oleg Koshkin was convicted i
Publish At:2021-12-12 13:00 | Read:531 | Comments:0 | Tags:Breaking News Cyber Crime Malware botnet Cybercrime hacking

Dark Mirai botnet spreads targeting RCE on TP-Link routers

A botnet tracked as Dark Mirai spreads by exploiting a new vulnerability affecting TP-Link TL-WR840N EU V5 home routers. Dark Mirai botnet spreads by exploiting a new vulnerability, tracked as CVE-2021-41653, affecting TP-Link TL-WR840N EU V5 home routers. “The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(E
Publish At:2021-12-09 18:11 | Read:472 | Comments:0 | Tags:Breaking News Cyber Crime Internet of Things Malware Dark Mi

Dark Mirai botnet targeting RCE on popular TP-Link router

The botnet known as Dark Mirai (aka MANGA) has been observed exploiting a new vulnerability on the TP-Link TL-WR840N EU V5, a popular inexpensive home router released in 2017.The flaw is tracked as CVE-2021-41653 and is caused by a vulnerable 'host' variable that an authenticated user can abuse to execute commands on the device.TP-Link fixed the flaw by rele
Publish At:2021-12-09 14:37 | Read:251 | Comments:0 | Tags:Security botnet

Hundreds of thousands of MikroTik devices still vulnerable to botnets

Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks.MikroTik is a Latvian manufacturer of routers and wireless ISPs who has sold over 2,000,000 devices globally.In August, the Mēris botnet exploited vulnerabilities in MikroTik routers to create an army of de
Publish At:2021-12-09 10:41 | Read:249 | Comments:0 | Tags:Security Hardware botnet

'Moobot' Botnet Targets Hikvision Devices via Recent Vulnerability

A Mirai-based botnet dubbed 'Moobot' is attempting to exploit a recently addressed vulnerability that affects many Hikvision products, according to Fortinet’s FortiGuard Labs.Tracked as CVE-2021-36260 and affecting over 70 cameras and NVRs from Hikvision, the critical-severity bug can be exploited to gain root access and completely take over vulnerable devic
Publish At:2021-12-09 09:00 | Read:382 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Moobot is a Mirai-based botnet that is leveraging a critical command injection vulnerability in the webserver of some Hikvision products. The Mirai-based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260, in the webserver of several Hikvision products. The Moobot was first documented by Palo Alt
Publish At:2021-12-09 06:23 | Read:480 | Comments:0 | Tags:Breaking News Malware Cybercrime Hacking hacking news inform

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3