Security News > 2024 > January > Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More
The Federal Bureau of Investigation and Cybersecurity & Infrastructure Security Agency warned in a joint advisory about a threat actor deploying a botnet that makes use of the Androxgh0st malware.
The Androxgh0st malware was exposed in December 2022 by Lacework, a cloud security company.
The cybersecurity company Fortinet exposed telemetry on Androxgh0st, which shows more than 40,000 devices infected by the botnet.
Figure A. The FBI/CISA advisory states: "Androxgh0st malware also supports numerous functions capable of abusing the Simple Mail Transfer Protocol, such as scanning and exploiting exposed credentials and application programming interfaces, and web shell deployment."
How can Androxgh0st malware exploit old vulnerabilities?
How to protect from this Androxgh0st malware threat.
News URL
https://www.techrepublic.com/article/androxgh0st-malware-botnet/
Related news
- Reminder: Infostealer malware is coming for your ChatGPT credentials (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs (source)
- GitHub comments abused to push malware via Microsoft repo URLs (source)