Security News

Botnet steals half a million dollars in cryptocurrency from victims
2021-12-16 13:16

The botnet uses a tactic called crypto clipping, which relies on malware to steal cryptocurrency during a transaction, says Check Point Research. A new botnet variant discovered by cyber threat intelligence provider Check Point Research employs a unique method to steal cryptocurrency from its victims.

Phorpiex botnet returns with new tricks making it harder to disrupt
2021-12-16 11:00

The previously shut-down Phorpiex botnet has re-emerged with new peer-to-peer command and control infrastructure, making the malware more difficult to disrupt. The source code for the Phorpiex botnet is being sold on the darknet...

Dark Mirai botnet targeting RCE on popular TP-Link router
2021-12-09 17:14

The botnet known as Dark Mirai has been observed exploiting a new vulnerability on the TP-Link TL-WR840N EU V5, a popular inexpensive home router released in 2017. According to a report by researchers at Fortinet, who have been following Dark Mirai activity, the botnet added this RCE to its arsenal only two weeks after TP-Link released the firmware update.

Google Shuts Down Glupteba Botnet, Sues Operators
2021-12-09 15:36

Google took steps to shut down the Glupteba botnet, at least for now. So Google is also suing the botnet's operators.

Hundreds of thousands of MikroTik devices still vulnerable to botnets
2021-12-09 11:00

MikroTik is a Latvian manufacturer of routers and wireless ISPs that has sold over 2,000,000 devices globally. In August, the Mēris botnet exploited vulnerabilities in MikroTik routers to create an army of devices that performed a record-breaking DDoS attack on Yandex.

Google Disrupts Blockchain-based Glupteba Botnet; Sues Russian Hackers
2021-12-08 21:01

Google on Tuesday said it took steps to disrupt the operations of a sophisticated "multi-component" botnet called Glupteba that approximately infected more than one million Windows computers across the globe and stored its command-and-control server addresses on Bitcoin's blockchain as a resilience mechanism. As part of the efforts, Google's Threat Analysis Group said it partnered with the CyberCrime Investigation Group over the past year to terminate around 63 million Google Docs that were observed to have distributed the malware, alongside 1,183 Google Accounts, 908 Cloud Projects, and 870 Google Ads accounts that were associated with its distribution.

Moobot Botnet Chews Up Hikvision Surveillance Systems
2021-12-08 20:13

Although a patch was released in September, any still-vulnerable Hikvision IP Network Video Recorder products are being actively targeted by the Mirai-based botnet known as Moobot. FortiGuard Labs has released a report detailing how the Moobot botnet is leveraging a known remote code execution vulnerability in Hikvision products to spread Moobot, which carries out distributed denial of service attacks.

Moobot botnet spreading via Hikvision camera vulnerability
2021-12-08 08:27

A Mirai-based botnet called 'Moobot' is spreading aggressively via exploiting a critical command injection flaw in the webserver of many Hikvision products. Among the various payloads that leverage CVE-2021-36260, Fortinet found a downloader masked as "MacHelper," which fetches and executes Moobot with the "Hikivision" parameter.

Google Takes Down Glupteba Botnet; Files Lawsuit Against Operators
2021-12-07 17:13

In tandem, Google also filed a lawsuit against the botnet's operators. "And at any moment, the power of the Glupteba botnet could be leveraged for use in a powerful ransomware or distributed denial-of-service attack," Google noted in its lawsuit, shared with Threatpost on Tuesday.

Google disrupts massive Glupteba botnet, sues Russian operators
2021-12-07 16:57

Google announced today that it has taken action to disrupt the Glupteba botnet that now controls more than 1 million Windows PCs around the world, growing by thousands of new infected devices each day. Glupteba is a blockchain-enabled and modular malware that has been targeting Windows devices worldwide since at least 2011, including the US, India, Brazil, and countries from Southeast Asia.