Security News, January 2024: Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More

The Federal Bureau of Investigation and Cybersecurity & Infrastructure Security Agency warned in a joint advisory about a threat actor deploying a botnet that makes use of the Androxgh0st malware.
The Androxgh0st malware was exposed in December 2022 by Lacework, a cloud security company.
The cybersecurity company Fortinet exposed telemetry on Androxgh0st, which shows more than 40,000 devices infected by the botnet.
The FBI/CISA advisory states: "Androxgh0st malware also supports numerous functions capable of abusing the Simple Mail Transfer Protocol, such as scanning and exploiting exposed credentials and application programming interfaces, and web shell deployment."
How can Androxgh0st malware exploit old vulnerabilities?
How to protect from this Androxgh0st malware threat.
News URL
https://www.techrepublic.com/article/androxgh0st-malware-botnet/