Security News > 2022 > October > Fodcha DDoS Botnet Resurfaces with New Capabilities
The threat actor behind the Fodcha distributed denial-of-service botnet has resurfaced with new capabilities, researchers reveal.
Fodcha first came to light in April this year, with the malware propagating through known vulnerabilities in Android and IoT devices as well as weak Telnet or SSH passwords.
The cybersecurity company said that Fodcha has evolved into a large-scale botnet with over 60,000 active nodes and 40 command-and-control domains that can "easily generate more than 1 Tbps traffic."
Some of the prominent targets range from healthcare organizations and law enforcement agencies to a well-known cloud service provider that was assaulted with traffic exceeding 1 Tbps. Fodcha's evolution has also been accompanied by new stealth features that encrypt communications with the C2 server and embed ransom demands, making it a more potent threat.
"Fodcha reuses a lot of Mirai's attack code, and supports a total of 17 attack methods," the cybersecurity company noted.
The findings come as new research from Lumen Black Lotus Labs pointed out the growing abuse of the Connectionless Lightweight Directory Access Protocol to magnify the scale of DDoS attacks.
News URL
https://thehackernews.com/2022/10/fodcha-ddos-botnet-resurfaces-with-new.html