From Cryptojacking to DDoS Attacks: Diicot Expands Tactics with Cayosin Botnet

Cybersecurity researchers have discovered previously undocumented payloads associated with a Romanian threat actor named Diicot, revealing its potential for launching distributed denial-of-service attacks.
"The Diicot name is significant, as it's also the name of the Romanian organized crime and anti-terrorism policing unit," Cado Security said in a technical report.
Bitdefender first documented Diicot in July 2021, uncovering the actor's use of a Go-based SSH brute-forcer tool called Diicot Brute to breach Linux hosts as part of a cryptojacking campaign.
The newly discovered payloads are a sign that the threat actor now possesses the ability to mount DDoS attacks.
"The use of Cayosin demonstrates Diicot's willingness to conduct a variety of attacks depending on the type of targets they encounter."
To mitigate such attacks, organizations are advised to implement SSH hardening and firewall rules that limit SSH access to specific IP addresses.
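As an added illustration of the SSH hardening advice above (not code from the article or from Cado Security), the following check reads sshd_config text and reports global settings that leave a host open to password guessing. The sample configurations, the user name `deploy` and the `max_tries` threshold of 3 are constructed assumptions; `Include` files and the older `ChallengeResponseAuthentication` alias are not followed.

```python
# Added example: audit sshd_config text for brute-force exposure.
# OpenSSH defaults that apply when a keyword is absent from the file.
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "permitrootlogin": "prohibit-password",
    "maxauthtries": "6",
}

def effective_global_settings(config_text):
    """Return global values; sshd keeps the FIRST value seen per keyword."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        parts = line.replace("=", " ", 1).split(None, 1)  # "Key value" or "Key=value"
        if len(parts) < 2:
            continue
        key = parts[0].lower()  # keywords are case-insensitive
        if key == "match":
            break  # simplification: lines after the first Match are conditional
        seen.setdefault(key, parts[1].strip().strip('"').lower())
    return {k: seen.get(k, default) for k, default in DEFAULTS.items()}

def audit(config_text, max_tries=3):
    """List findings; max_tries is an assumed local policy value."""
    s = effective_global_settings(config_text)
    findings = []
    if s["passwordauthentication"] != "no":
        findings.append("PasswordAuthentication is enabled")
    if s["kbdinteractiveauthentication"] != "no":
        findings.append("KbdInteractiveAuthentication is enabled")
    if s["permitrootlogin"] == "yes":
        findings.append("PermitRootLogin allows root password login")
    if int(s["maxauthtries"]) > max_tries:
        findings.append(f"MaxAuthTries is {s['maxauthtries']} (> {max_tries})")
    return findings

# Constructed samples. In WEAK the later "no" is ignored: first value wins.
WEAK = """# constructed sample
PermitRootLogin yes
PasswordAuthentication yes
PasswordAuthentication no
"""
HARDENED = """# constructed sample
PasswordAuthentication no
KbdInteractiveAuthentication no
PermitRootLogin no
MaxAuthTries 3
AllowUsers deploy@203.0.113.10
"""

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(text) or "no findings")
```

On a live host, feeding the output of `sshd -T` through the same checks reflects `Include` files and compiled-in defaults as well.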
News URL
https://thehackernews.com/2023/06/from-cryptojacking-to-ddos-attacks.html