Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More
The Federal Bureau of Investigation and Cybersecurity & Infrastructure Security Agency warned in a joint advisory about a threat actor deploying a botnet that makes use of the Androxgh0st malware.
The Androxgh0st malware was exposed in December 2022 by Lacework, a cloud security company.
The cybersecurity company Fortinet exposed telemetry on Androxgh0st, which shows more than 40,000 devices infected by the botnet.
The FBI/CISA advisory states: "Androxgh0st malware also supports numerous functions capable of abusing the Simple Mail Transfer Protocol, such as scanning and exploiting exposed credentials and application programming interfaces, and web shell deployment."
How can Androxgh0st malware exploit old vulnerabilities?
How to protect from this Androxgh0st malware threat.
News URL
https://www.techrepublic.com/article/androxgh0st-malware-botnet/