Security News > 2023 > June > From Cryptojacking to DDoS Attacks: Diicot Expands Tactics with Cayosin Botnet
Cybersecurity researchers have discovered previously undocumented payloads associated with a Romanian threat actor named Diicot, revealing its potential for launching distributed denial-of-service attacks.
"The Diicot name is significant, as it's also the name of the Romanian organized crime and anti-terrorism policing unit," Cado Security said in a technical report.
Diicot was first documented by Bitdefender in July 2021, uncovering the actor's use of a Go-based SSH brute-forcer tool called Diicot Brute to breach Linux hosts as part of a cryptojacking campaign.
The development is a sign that the threat actor now possesses the ability to mount DDoS attacks.
"The use of Cayosin demonstrates Diicot's willingness to conduct a variety of attacks depending on the type of targets they encounter."
To mitigate such attacks, organizations are recommended to implement SSH hardening and firewall rules to limit SSH access to specific IP addresses.
News URL
https://thehackernews.com/2023/06/from-cryptojacking-to-ddos-attacks.html