Latest Botnet news

P2PInfect botnet targets REdis servers with new ransomware module

P2PInfect, originally a dormant peer-to-peer malware botnet with unclear motives, has finally come alive to deploy a ransomware module and a cryptominer in attacks on Redis servers.
- Bill Toulas
- June 25, 2024
- 06:00 AM
- 0
Malware botnet bricked 600,000 routers in mysterious 2023 attack

A malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that took 600,000 office/home office (SOHO) internet routers offline, according to a new report by researchers at Lumen's Black Lotus Labs.
- Bill Toulas
- May 30, 2024
- 02:56 PM
- 1
Police seize over 100 malware loader servers, arrest four cybercriminals

An international law enforcement operation codenamed 'Operation Endgame' has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC.
- Bill Toulas
- May 30, 2024
- 04:35 AM
- 1
US dismantles 911 S5 botnet used for cyberattacks, arrests admin

The U.S. Justice Department and international partners dismantled the 911 S5 proxy botnet and arrested 35-year-old Chinese national YunHe Wang, its administrator, in Singapore.
- Sergiu Gatlan
- May 29, 2024
- 01:14 PM
- 0
US govt sanctions cybercrime gang behind massive 911 S5 botnet

The U.S. Treasury Department has sanctioned a cybercrime network comprising three Chinese nationals and three Thailand-based companies linked to a massive botnet controlling a residential proxy service known as "911 S5."
- Sergiu Gatlan
- May 28, 2024
- 03:02 PM
- 0
Ebury botnet malware infected 400,000 Linux servers since 2009

A malware botnet known as 'Ebury' has infected almost 400,000 Linux servers since 2009, with roughly 100,000 still compromised as of late 2023.
- Bill Toulas
- May 14, 2024
- 12:31 PM
- 0
Botnet sent millions of emails in LockBit Black ransomware campaign

Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign.
- Sergiu Gatlan
- May 13, 2024
- 03:08 PM
- 0
Moldovan charged for operating botnet used to push ransomware

The U.S. Justice Department charged Moldovan national Alexander Lefterov, the owner and operator of a large-scale botnet that infected thousands of computers across the United States.
- Sergiu Gatlan
- April 17, 2024
- 02:53 PM
- 0
Multiple botnets exploiting one-year-old TP-Link flaw to hack routers

At least six distinct botnet malware operations are hunting for TP-Link Archer AX21 (AX1800) routers vulnerable to a command injection security issue reported and addressed last year.
- Bill Toulas
- April 17, 2024
- 09:03 AM
- 3
RUBYCARP hackers linked to 10-year-old cryptomining botnet

A Romanian botnet group named 'RUBYCARP' is leveraging known vulnerabilities and performing brute force attacks to breach corporate networks and compromise servers for financial gain.
- Bill Toulas
- April 09, 2024
- 11:30 AM
- 0
Cisco warns of password-spraying attacks targeting VPN services

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.
- Bill Toulas
- March 28, 2024
- 12:37 PM
- 0
TheMoon malware infects 6,000 ASUS routers in 72 hours for proxy service

A new variant of "TheMoon" malware botnet has been spotted infecting thousands of outdated small office and home office (SOHO) routers and IoT devices in 88 countries.
- Bill Toulas
- March 26, 2024
- 11:00 AM
- 0
No, 3 million electric toothbrushes were not used in a DDoS attack

A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service (DDoS) attacks is likely a hypothetical scenario instead of an actual attack.
- Lawrence Abrams
- February 07, 2024
- 12:21 PM
- 4
Chinese hackers fail to rebuild botnet after FBI takedown

Chinese Volt Typhoon state hackers failed to revive a botnet recently taken down by the FBI, which was previously used in attacks targeting critical infrastructure across the United States.
- Sergiu Gatlan
- February 07, 2024
- 10:00 AM
- 0
PurpleFox malware infects thousands of computers in Ukraine

The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country.
- Bill Toulas
- February 01, 2024
- 12:10 PM
- 0
Bigpanzi botnet infects 170,000 Android TV boxes with malware

A previously unknown cybercrime syndicate named 'Bigpanzi' has been making significant money by infecting Android TV and eCos set-top boxes worldwide since at least 2015.
- Bill Toulas
- January 17, 2024
- 01:54 PM
- 0
FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials

CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads.
- Sergiu Gatlan
- January 16, 2024
- 12:34 PM
- 0
QNAP VioStor NVR vulnerability actively exploited by malware botnet

A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder) devices to hijack and make them part of its DDoS (distributed denial of service) swarm.
- Bill Toulas
- December 16, 2023
- 11:17 AM
- 0
Stealthy KV-botnet hijacks SOHO routers and VPN devices

The Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) has been linked to a sophisticated botnet named 'KV-botnet' it uses since at least 2022 to attack SOHO routers in high-value targets.
- Bill Toulas
- December 13, 2023
- 05:47 PM
- 1
Stealthier version of P2Pinfect malware targets MIPS devices

The latest variants of the P2Pinfect botnet are now focusing on infecting devices with 32-bit MIPS (Microprocessor without Interlocked Pipelined Stages) processors, such as routers and IoT devices.
- Bill Toulas
- December 04, 2023
- 04:10 PM
- 0