Security News > 2020 > April > Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild
Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage 'distributed denial-of-service' attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services.
Helios as the individual behind the development of dark nexus, who is a known botnet author infamous for selling DDoS services on social media platforms and using a YouTube channel to advertise its capabilities.
Dark nexus comes with persistence commands that prevent the device from getting rebooted by stopping the cron service and removing privileges to services that could be used to reboot said device in question.
The fact that dark nexus is built on the foundations of Mirai and Qbot is proof of the evolving tactics of botnet operators and inexperienced hackers alike, allowing them to add new functionality by exploiting a variety of vulnerabilities in poorly secured IoT devices and amass modern botnet armies.
"Using YouTube videos demoing some of his past work and posting offerings on various cybercriminal forums, greek.Helios seems to have experience with IoT malware skills, honing them to the point of developing the new dark nexus botnet," Bitdefender researchers concluded.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/e_M3-xGQYxo/darknexus-iot-ddos-botnet.html
Related news
- AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services (source)
- IoT Devices in Password-Spraying Botnet (source)
- Volt Typhoon rebuilds malware botnet following FBI disruption (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices (source)