Security News > 2022 > November > Warning: New RapperBot Campaign Aims to Launch DDoS Attacks at Game Servers

Cybersecurity researchers have unearthed new samples of malware called RapperBot that are being used to build a botnet capable of launching Distributed Denial of Service attacks against game servers.

"In fact, it turns out that this campaign is less like RapperBot than an older campaign that appeared in February and then mysteriously disappeared in the middle of April," Fortinet FortiGuard Labs researchers Joie Salvio and Roy Tay said in a Tuesday report.

What's notable about the updated version of RapperBot is its ability to perform Telnet brute-force, in addition to supporting DoS attacks using the Generic Routing Encapsulation tunneling protocol.

A successful break-in is followed by reporting the credentials used back to the C2 server and installing the RapperBot payload on the hacked device.

What's more, the October 2022 campaign has been found to share overlaps with other operations involving the malware as far back as May 2021, with the Telnet spreader module making its first appearance in August 2021, only to be removed in later samples and reintroduced last month.

"Based on the undeniable similarities between this new campaign and the previously reported RapperBot campaign, it is highly likely that they are being operated by a single threat actor or by different threat actors with access to a privately-shared base source code," the researchers concluded.

News URL

https://thehackernews.com/2022/11/warning-new-rapperbot-campaign-aims-to.html