Security News
The U.S. Department of Justice sentenced a Russian man for operating a large-scale digital advertising fraud scheme called 'Methbot' that stole at least $7 million from American companies. Aleksandr Zhukov, aka the "King of Fraud," was sentenced to 10 years of imprisonment in the U.S. and ordered to forfeit the total sum of his assets, amounting to $3,827,493.
The Global Threat Landscape Report indicates a drastic rise in sophisticated cyberattacks targeting digital infrastructures, organizations, and individuals in 2021. Organizations struggle to address these threats due to their resource sophistication and their lack of understanding of evolving threat landscapes.
Cybersecurity researchers disclosed details of what they say is the "Largest botnet" observed in the wild in the last six years, infecting over 1.6 million devices primarily located in China, with the goal of launching distributed denial-of-service attacks and inserting advertisements into HTTP websites visited by unsuspecting users. Mainly targeting MIPS-based fiber routers, the botnet leverages a combination of third-party services such as GitHub, peer-to-peer networks, and central command-and-control servers for its bots to controller communications, not to mention completely encrypting the transmission channels to prevent the victimized devices from being taken over.
The PurpleFox botnet has refreshed its arsenal with new vulnerability exploits and dropped payloads, now also leveraging WebSockets for C2 bidirectional communication. Although it's mainly based in China, the PurpleFox botnet still has a global presence through hundreds of compromised servers.
The PurpleFox botnet has refreshed its arsenal with new vulnerability exploits and dropped payloads, now also leveraging WebSockets for C2 bidirectional communication. Although it's mainly based in China, the PurpleFox botnet still has a global presence through hundreds of compromised servers.
Threat group FreakOut's Necro botnet has developed a new trick: infecting Visual Tools DVRs with a Monero miner. Juniper Threat Labs researchers have issued a report detailing new activities from FreakOut, also known as Necro Python and Python.
The MyKings botnet is still actively spreading, making massive amounts of money in crypto, five years after it first appeared in the wild. Being one of the most analyzed botnets in recent history, MyKings is particularly interesting to researchers thanks to its vast infrastructure and versatile features, including bootkits, miners, droppers, clipboard stealers, and more.
A new update to the FreakOut Python botnet has added a recently published PoC exploit for Visual Tools DVR in its arsenal to further aid in breaching systems. Mining Monero on a DVR. Researchers at Juniper Threat Labs have analyzed a recent sample of the malware, and warn that Visual Tools DVR VX16 4.2.28.0 from visual-tools.com is being targeted with an exploit for a CVE-less flaw.
Ukrainian law enforcement authorities on Monday disclosed the arrest of a hacker responsible for the creation and management of a "Powerful botnet" consisting of over 100,000 enslaved devices that was used to carry out distributed denial-of-service and spam attacks on behalf of paid customers. The Ukrainian police agency said it conducted a raid of the suspect's residence and seized their computer equipment as evidence of illegal activity.
The US Department of Justice charged the admin of the WireX Android botnet for targeting an American multinational hotel chain in a distributed denial-of-service attack. Izzet Mert Ozek, the defendant, used the botnet which consisted of tens of thousands of enslaved Android devices - more than 120,000 based on the unique IP addresses observed in some WireX attacks - to target the company's online booking system website in August 2017.