Security News > 2022 > December > Minecraft Servers Under Attack: Microsoft Warns About Cross-Platform DDoS Botnet
Microsoft on Thursday flagged a cross-platform botnet that's primarily designed to launch distributed denial-of-service attacks against private Minecraft servers.
Called MCCrash, the botnet is characterized by a unique spreading mechanism that allows it to propagate to Linux-based devices despite originating from malicious software downloads on Windows hosts.
"The botnet spreads by enumerating default credentials on internet-exposed Secure Shell-enabled devices," the company said in a report.
The initial infection point for the botnet is a pool of machines that have been compromised through the installation of cracking tools that claim to provide illegal Windows licenses.
The software subsequently acts as a conduit to execute a Python payload that contains the core features of the botnet, including scanning for SSH-enabled Linux devices to launch a dictionary attack.
The findings come days after Fortinet FortiGuard Labs revealed details of a new botnet dubbed GoTrim, which has been observed brute-forcing self-hosted WordPress websites.
News URL
https://thehackernews.com/2022/12/minecraft-servers-under-attack.html
Related news
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft (source)
- Microsoft confirms Windows Server 2025 blue screen, install issues (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools (source)
- Microsoft fixes bugs causing Windows Server 2025 blue screens, install issues (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- New NachoVPN attack uses rogue VPN servers to install malicious updates (source)
- Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign (source)