Latest Botnet news

Moldovan charged for operating botnet used to push ransomware

The U.S. Justice Department charged Moldovan national Alexander Lefterov, the owner and operator of a large-scale botnet that infected thousands of computers across the United States.
- Sergiu Gatlan
- April 17, 2024
- 02:53 PM
- 0
Multiple botnets exploiting one-year-old TP-Link flaw to hack routers

At least six distinct botnet malware operations are hunting for TP-Link Archer AX21 (AX1800) routers vulnerable to a command injection security issue reported and addressed last year.
- Bill Toulas
- April 17, 2024
- 09:03 AM
- 3
RUBYCARP hackers linked to 10-year-old cryptomining botnet

A Romanian botnet group named 'RUBYCARP' is leveraging known vulnerabilities and performing brute force attacks to breach corporate networks and compromise servers for financial gain.
- Bill Toulas
- April 09, 2024
- 11:30 AM
- 0
Cisco warns of password-spraying attacks targeting VPN services

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.
- Bill Toulas
- March 28, 2024
- 12:37 PM
- 0
TheMoon malware infects 6,000 ASUS routers in 72 hours for proxy service

A new variant of "TheMoon" malware botnet has been spotted infecting thousands of outdated small office and home office (SOHO) routers and IoT devices in 88 countries.
- Bill Toulas
- March 26, 2024
- 11:00 AM
- 0
No, 3 million electric toothbrushes were not used in a DDoS attack

A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service (DDoS) attacks is likely a hypothetical scenario instead of an actual attack.
- Lawrence Abrams
- February 07, 2024
- 12:21 PM
- 4
Chinese hackers fail to rebuild botnet after FBI takedown

Chinese Volt Typhoon state hackers failed to revive a botnet recently taken down by the FBI, which was previously used in attacks targeting critical infrastructure across the United States.
- Sergiu Gatlan
- February 07, 2024
- 10:00 AM
- 0
PurpleFox malware infects thousands of computers in Ukraine

The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country.
- Bill Toulas
- February 01, 2024
- 12:10 PM
- 0
Bigpanzi botnet infects 170,000 Android TV boxes with malware

A previously unknown cybercrime syndicate named 'Bigpanzi' has been making significant money by infecting Android TV and eCos set-top boxes worldwide since at least 2015.
- Bill Toulas
- January 17, 2024
- 01:54 PM
- 0
FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials

CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads.
- Sergiu Gatlan
- January 16, 2024
- 12:34 PM
- 0
QNAP VioStor NVR vulnerability actively exploited by malware botnet

A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder) devices to hijack and make them part of its DDoS (distributed denial of service) swarm.
- Bill Toulas
- December 16, 2023
- 11:17 AM
- 0
Stealthy KV-botnet hijacks SOHO routers and VPN devices

The Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) has been linked to a sophisticated botnet named 'KV-botnet' it uses since at least 2022 to attack SOHO routers in high-value targets.
- Bill Toulas
- December 13, 2023
- 05:47 PM
- 1
Stealthier version of P2Pinfect malware targets MIPS devices

The latest variants of the P2Pinfect botnet are now focusing on infecting devices with 32-bit MIPS (Microprocessor without Interlocked Pipelined Stages) processors, such as routers and IoT devices.
- Bill Toulas
- December 04, 2023
- 04:10 PM
- 0
New botnet malware exploits two zero-days to infect NVRs and routers

A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices.
- Bill Toulas
- November 22, 2023
- 12:39 PM
- 0
MySQL servers targeted by 'Ddostf' DDoS-as-a-Service botnet

MySQL servers are being targeted by the 'Ddostf' malware botnet to enslave them for a DDoS-as-a-Service platform whose firepower is rented to other cybercriminals.
- Bill Toulas
- November 16, 2023
- 03:11 PM
- 0
Sponsored Content
How DDoS attacks are taking down even the largest tech companies

DDoS attacks are increasingly taking down even the largest tech companies. Learn more Specops Software on these types of attacks and how you can protect your devices from being recruited into botnets.
- Sponsored by Specops Software
- November 16, 2023
- 10:01 AM
- 0
IPStorm botnet with 23,000 proxies for malicious traffic dismantled

The U.S. Department of Justive announced today that Federal Bureau of Investigation took down the network and infrastructure of a botnet proxy service called IPStorm.
- Bill Toulas
- November 14, 2023
- 07:05 PM
- 0
Socks5Systemz proxy service infects 10,000 systems worldwide

A proxy botnet called 'Socks5Systemz' has been infecting computers worldwide via the 'PrivateLoader' and 'Amadey' malware loaders, currently counting 10,000 infected devices.
- Bill Toulas
- November 05, 2023
- 10:17 AM
- 0
Mozi malware botnet goes dark after mysterious use of kill-switch

Mozi malware botnet activity faded away in August after a mysterious unknown party sent a payload on September 27, 2023, that triggered a kill switch to deactivate all bots.
- Bill Toulas
- November 01, 2023
- 01:21 PM
- 0
Mirai DDoS malware variant expands targets with 13 router exploits

A Mirai-based DDoS (distributed denial of service) malware botnet tracked as IZ1H9 has added thirteen new payloads to target Linux-based routers and routers from D-Link, Zyxel, TP-Link, TOTOLINK, and others.
- Bill Toulas
- October 10, 2023
- 04:35 PM
- 1