Security News > 2023 > March > New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks
2023-03-17 12:07

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service attacks.

The threat actors behind HinataBot are said to have been active since at least December 2022, with the attacks first attempting to use a generic Go-based Mirai variant before switching to their own custom malware starting from January 11, 2023.

The malware, like other DDoS botnets of its kind, is capable of contacting a command-and-control server to listen for incoming instructions and initiate attacks against a target IP address for a specified duration.

The findings also come as Microsoft revealed that TCP attacks emerged as the most frequent form of DDoS attack encountered in 2022, accounting for 63% of all attack traffic, followed by UDP floods and amplification attacks, and packet anomaly attacks.

Besides being used as distractions to conceal extortion and data theft, DDoS attacks are also expected to rise due to the arrival of new malware strains that are capable of targeting IoT devices and taking over accounts to gain unauthorized access to resources.

"With DDoS attacks becoming more frequent, sophisticated, and inexpensive to launch, it's important for organizations of all sizes to be proactive, stay protected all year round, and develop a DDoS response strategy," the tech giant's Azure Network Security Team said.

News URL