Experts linked the C2 infrastructure behind an the Abcbot botnet to a cryptocurrency-mining botnet attack that was uncovered in December 2020. Experts linked the infrastructure used by the Abcbot DDoS botnet to the operations of a cryptocurrency-mining botnet that was uncovered in December 2020. In November Researchers from Qihoo 360’s Netlab security

The relatively recent Abcbot botnet appears to be operated by the same cybercriminals that launched a Xanthe-based cryptojacking campaign first detailed a couple of years ago, Cado Security says.Xanthe was designed to hijack a computer’s resources to mine for cryptocurrency (it uses XMRig for this), while Abcbot packs distributed denial-of-service (DDoS) cap

Researchers spotted a new botnet named Abcbot hat that mainly targeted Chinese cloud hosting providers over the past months. Security researchers discovered a new botnet, named Abcbot, that focused on Chinese cloud hosting providers over the past months. The list of targeted providers includes Alibaba Cloud, Baidu, Tencent, and Huawei Cloud. In

Over the past five years, the Phorpiex botnet has managed to hijack approximately 3,000 cryptocurrency transactions, stealing at least hundreds of thousands of dollars, Check Point says.Around since 2016, the botnet became famous for its large sextortion spam campaigns, and was estimated in 2019 to have infected one million devices worldwide. Despite that, i

Experts reported the resurgence of the Phorpiex botnet, in one year it allowed to steal crypto assets worth of half a million dollars. Experts at Check Point Research have monitored the resurgence of the Phorpiex botnet, an old threat that was involved in sextortion spam campaigns, crypto-jacking, cryptocurrency clipping (substituting the original wallet

The previously shutdown Phorpiex botnet has re-emerged with new peer-to-peer command and control infrastructure, making the malware more difficult to disrupt.The botnet first launched in 2016 and quickly accumulated a massive army of over 1 million devices over the years.The malware generates revenue for its developers by swapping cryptocurrency addresses co

As you may already know, the business, tech, and cybersecurity industries have been buzzing about Log4Shell (CVE-2021-44228), aka Logjam, the latest software flaw in an earlier version of the Apache Log4j logging utility. As the name suggests, a logger is a piece of software that logs every event that happens in a computer system. The records it produces are

A newly discovered variant of the Mirai-based Manga botnet is targeting a vulnerability in TP-Link routers that was addressed last month.Tracked as CVE-2021-41653, the bug affects the TL-WR840N EU v5 home wireless router devices running firmware iterations up to version TL-WR840N(EU)_V5_171211. TP-Link released an update that patches the flaw on November 12,

Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets. Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. The attempts were carried out by Muhstik and Mi

A United States court has sentenced to four years in prison for the Russian citizen Oleg Koshkin for his role in Kelihos Botnet development. Oleg Koshkin (41) has been sentenced to 48 months in prison for one count of conspiracy to commit computer fraud and abuse and one count of computer fraud and abuse. Russian national Oleg Koshkin was convicted i

A botnet tracked as Dark Mirai spreads by exploiting a new vulnerability affecting TP-Link TL-WR840N EU V5 home routers. Dark Mirai botnet spreads by exploiting a new vulnerability, tracked as CVE-2021-41653, affecting TP-Link TL-WR840N EU V5 home routers. “The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(E

The botnet known as Dark Mirai (aka MANGA) has been observed exploiting a new vulnerability on the TP-Link TL-WR840N EU V5, a popular inexpensive home router released in 2017.The flaw is tracked as CVE-2021-41653 and is caused by a vulnerable 'host' variable that an authenticated user can abuse to execute commands on the device.TP-Link fixed the flaw by rele

Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks.MikroTik is a Latvian manufacturer of routers and wireless ISPs who has sold over 2,000,000 devices globally.In August, the Mēris botnet exploited vulnerabilities in MikroTik routers to create an army of de

A Mirai-based botnet dubbed 'Moobot' is attempting to exploit a recently addressed vulnerability that affects many Hikvision products, according to Fortinet’s FortiGuard Labs.Tracked as CVE-2021-36260 and affecting over 70 cameras and NVRs from Hikvision, the critical-severity bug can be exploited to gain root access and completely take over vulnerable devic

Moobot is a Mirai-based botnet that is leveraging a critical command injection vulnerability in the webserver of some Hikvision products. The Mirai-based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260, in the webserver of several Hikvision products. The Moobot was first documented by Palo Alt