Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More
The Federal Bureau of Investigation and Cybersecurity & Infrastructure Security Agency warned in a joint advisory about a threat actor deploying a botnet that makes use of the Androxgh0st malware.
The Androxgh0st malware was exposed in December 2022 by Lacework, a cloud security company.
The cybersecurity company Fortinet published telemetry on Androxgh0st showing more than 40,000 devices infected by the botnet.
The FBI/CISA advisory states: "Androxgh0st malware also supports numerous functions capable of abusing the Simple Mail Transfer Protocol, such as scanning and exploiting exposed credentials and application programming interfaces, and web shell deployment."
How can Androxgh0st malware exploit old vulnerabilities?
How to protect from this Androxgh0st malware threat.
News URL
https://www.techrepublic.com/article/androxgh0st-malware-botnet/
Related news
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services (source)
- Volt Typhoon rebuilds malware botnet following FBI disruption (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials (source)
- Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket (source)
- Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware (source)
- BadBox malware botnet infects 192,000 Android devices despite disruption (source)