Security News
A new Go-based botnet has been spotted scanning and brute-forcing self-hosted websites using the WordPress content management system to seize control of the targeted systems. "This new brute forcer is part of a new campaign we have named GoTrim because it was written in Go and uses ':::trim:::' to split data communicated to and from the C2 server," Fortinet FortiGuard Labs researchers Eduardo Altares, Joie Salvio, and Roy Tay said.
A new Go-based botnet malware named 'GoTrim' is scanning the web for self-hosted WordPress websites and attempting to brute force the administrator's password and take control of the site. The malware then connects to each site and attempts to brute-force the admin accounts using the inputted credentials.
A novel Go-based botnet called Zerobot has been observed in the wild proliferating by taking advantage of nearly two dozen security vulnerabilities in Internet of Things (IoT) devices and other software. The botnet "contains several modules, including self-replication, attacks for different protocols, and self-propagation," Fortinet FortiGuard Labs researcher Cara Lin said.
A botnet operator is kicking themselves and probably hoping no one noticed the typo they transmitted in a command that crashed their whole operation. Even worse for the operator(s), their Golang-coded KmsdBot lacked persistence, meaning the whole botnet is toast thanks to the apparent decision to forgo error handling.
An ongoing analysis into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to it being accidentally taken down. The botnet strikes both Windows and Linux devices spanning a wide range of microarchitectures with the primary goal of deploying mining software and corralling the compromised hosts into a DDoS bot.
While analyzing its capabilities, Akamai researchers have accidentally taken down a cryptomining botnet that was also used for distributed denial-of-service attacks. As revealed in a report published earlier this month, the KmsdBot malware behind this botnet was discovered by members of the Akamai Security Intelligence Response Team after it infected one of their honeypots.
Google has won a lawsuit filed against two Russian nationals in connection with the operation of a botnet called Glupteba, the company said last week. The defendants' move to press sanctions against Google was denied.
Google sued Dmitry Starovikov and Alexander Filippov - along with 15 other John and Jane Does - in December 2021, saying in the original complaint [PDF] that the botnet "is distinguished from conventional botnets in its technical sophistication: unlike other botnets, the Glupteba botnet leverages blockchain technology to protect itself from disruption." Judge Cote said in her opinion and order [PDF] that the defendants had "attempted to negotiate a discovery plan in bad faith, requesting an exchange of electronic devices" - although they knew they could not provide the devices they said they had. According to the judge, the defendants and their lawyer told Google that pertinent discovery information was held by their former employer Valtron LLC, a limited liability company based in Moscow.
A Ukrainian national who has been wanted by the U.S. for over a decade has been arrested by Swiss authorities for his role in a notorious cybercriminal ring that stole millions of dollars from victims' bank accounts using malware called Zeus. According to court documents released by the U.S. Department of Justice in 2014, Penchukov and eight other members of the cybercriminal group infected "thousands of business computers" with Zeus, which is capable of stealing passwords, account numbers, and other information relevant to logging into online banking accounts.