Botnet News, Articles and Updates

Mirai variant that struck financial institutions in January detailed

Another variant of the Mirai botnet was used to attack at least three financial institutions earlier this year using a variety of compromised consumer and enterprise-level IoT products.

Gozi ISFB malware spreading more havoc in 2018

Banking trojan Gozi ISFB, the widely distributed Dark Cloud botnet well known to financial institutions, surfaced a few years ago but is increasingly being deployed in 2018, security research firm Talos reports.

DarkSky botnet spotted evading security measures

Security researchers have discovered a new botnet that has anti-virtual machine capabilities to evade security controls such as a sandbox.

ADB.Miner takes cryptominer mobile and beyond targeting Android devices

Malicious cryptominers are going mobile and beyond with a new botnet malware targeting Android-based devices that expose debug capabilities to the internet, for the purpose of mining Monero.

JenX botnet using video game to recruit IoT devices

Security researchers have found a new botnet that uses flaws connected to the Satori botnet and uses hosting services running multiplayer versions of Grand Theft Auto to infect IoT devices.

Satori creator linked with new Mirai variant Masuta

Nexus Zeta behind botnet that weaponises router exploit to enlist further vulnerable IoT devices. The author of Satori botnet may also be behind two new Mirai variants called Masuta and PureMasuta.

Hide 'N Seek IoT botnet caught using Peer-to-Peer communication

An emerging botnet comprised of compromised IoT devices dubbed "Hide 'N Seek" or HNS is using custom-built Peer-to-Peer communication to exploit victims and build its infrastructure.

New Mirai botnet variants target ARC processors, cryptomining hosts

A newly discovered variant of the Mirai Internet of Things botnet is specifically designed to attack the ubiquitous 32-bit embedded Argonaut RISC Core processor from ARC International.

Dismantled Andromeda botnet will 'slowly disappear' over time

What remains of the Andromeda botnet that was largely dismantled in a November 2017 global law enforcement operation will probably "slowly disappear" as remediation continues into 2018, predicted one cyber-security company.

Necurs botnet launches massive 47 million emails per day campaign

The Necurs botnet continued to launch massive global ransomware attacks through the holidays with researchers stopping as many as 47 million emails per day.

IoT botnets will force governments to regulate IoT device manufacturers

As IoT botnet attacks continue to grow in size and effectiveness in 2018, the damage they cause will force the IoT manufacturing industry to add stronger security to their products.

Necurs rides 12 million email campaign to move up Most Wanted Malware list

The use of the Necurs botnet to spread Scarab ransomware over the US Thanksgiving holiday helped propel Necurs up several places on Check Point's Ten Most Wanted Malware list for November.

Three plead guilty to creating Mirai IoT botnet malware

Three men have pleaded guilty in US federal court to charges related to the creation of the Mirai Internet of Things botnet malware, variants of which have been used in a series of DDoS attacks since 2016.

BrickerBot creators announce retirement from active operations

The individual, or people, behind the BrickerBot malware attacks have decided to hang up their mouse and keyboard after claiming to have locked more than 10 million supposedly unsecure Internet of Things devices.

Satori Botnet able to launch crippling attacks at any time

A massive new IoT botnet dubbed Satori has emerged, which security researchers fear can launch crippling attacks at any time. According to the IBT, the botnet has already infected more than 280,000 IP addresses in just 12 hours.

Arrested Belarusian identified as significant cyber-criminal figure

The suspect whom international authorities arrested in Belarus during an operation to dismantle the Andromeda botnet has been identified with a high degree of certainty as Jarets Sergey Grigorevich, a high-profile cyber-criminal.

Global law enforcement operation decimates giant Andromeda botnet

An international contingent of law-enforcement agencies on Friday dismantled the massive Andromeda malware botnet, sinkholing around 1,500 malicious domains and arresting a suspect in Belarus.

New Mirai variant back on radar after new exploit code published

A new strain of the Mirai IoT malware has been discovered following the publication of exploit code targeting networking equipment.

Necurs used to infect computers with Scarab ransomware

A new strain of ransomware has been discovered that is being distributed by the Necurs botnet, according to security researchers.

Massive IoT botnet infects over one million organisations

Reaper IoT botnet could be worse than Mirai, suggest some commentators, as it continues to evolve.

Necurs botnet attackers likely gathering intel via downloader screen grabs

The Necurs botnet is on the rise again, this time sporting a downloader that screengrabs the desktops of infected systems.

Linux IoT botnet retooled to send spam email

An IoT botnet has set its hooks in about 4,500 - 5,000 proxy devices to send spam emails, with each device capable of sending 400 messages or a total of 1.8 million messages per day.

Sharing IoT malware rife, botnets now child's play as teen arrest shows

A 13-year-old hacker caught trying to build up a botnet to hack CCTV cameras demonstrates that attacking IoT devices is literally child's play, thanks to widespread sharing of IoT malware.

Trickbot banking Trojan a significant risk to financial institutions

Vitali Kremez reports how the Necurs botnet is delivering a different type of malware that poses a threat specifically to the financial sector: the "Trickbot" banking Trojan.

ICYMI: Facebook malware; nude celeb hack; logons key; spambot; CeX hack

In Case You Missed It: Facebook spreads malware; Instagram celeb hack; Logon breach id key; Spambot weaponises 711 m accounts; CeX hacked

Spambot weaponises 711M accounts to spread Ursnif malware

A Paris-based security researcher, Benkow, spotted a massive spambot, dubbed Onliner, weaponising 711 million email and server accounts to distribute phishing emails laced with malware looking to steal user data.

'Thingbots' become a 'thing' expected to underpin a future darknet

Botnets built exclusively from IoT devices have very much become a 'thing' - thingbots - and they are now becoming a primary infrastructure for a future darknet, according to a report from cybersecurity firm F5 Networks.

ICYMI: Skills gap? Mirai; GDPR; £14.5m centre; ApplePay vulnerable

In Case You Missed It: Skills gap real? Mirai hits DT; GDPR ignored; £14.5m cyber-centre; ApplePay vulnerable to two threats

Active Directory botnet establishes C&C inside infected networks

Researchers have developed a potentially devastating new botnet that abuses infected victims' Active Directory Domain Controllers, turning them into internally hosted command and control servers.