Tag Archives: botnet

The effects of law enforcement takedowns on the ransomware landscape

While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of the Qakbot botnet has had one notable effect: ransomware affiliates have switched to vulnerability exploitation as the primary method of delivering the malware. The switch is obvious to Symantec’s Threat Hunter Team but, unfortunately, it hasn’t been accompanied by a fall in the number of ransomware victims. “Analysis of data from … More ? The post The effects of law enforcement takedowns on the ransomware landscape appeared first on Help Net Security .

More:
The effects of law enforcement takedowns on the ransomware landscape

Qakbot returns in fresh assault on hospitality sector

The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft’s threat analysts have spotted a new phishing campaign attempting to deliver it to targets in the hospitality industry. Qakbot and its (temporary?) downfall Qakbot, also known as Qbot, started as banking malware but has since evolved into a versatile vehicle for malware and ransomware distribution. Its long-term survival and success are attributed to its operators’ … More ? The post Qakbot returns in fresh assault on hospitality sector appeared first on Help Net Security .

View article:
Qakbot returns in fresh assault on hospitality sector

Mirai reloads exploit arsenal as botnet embarks on another expansion drive

With 13 new payloads it’s the biggest update to the botnet in months The infamous Mirai botnet was spotted by researchers who say it is spinning up again, this time with an “aggressively updated arsenal of exploits.”…

Read More:
Mirai reloads exploit arsenal as botnet embarks on another expansion drive

Qakbot botnet disrupted, malware removed from 700,000+ victim computers

The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 victim computers around the world. “To disrupt the botnet, the FBI was able to redirect Qakbot botnet traffic to and through servers controlled by the FBI, which in turn instructed infected computers in the United States and elsewhere to download a file created by … More ? The post Qakbot botnet disrupted, malware removed from 700,000+ victim computers appeared first on Help Net Security .

See original article:
Qakbot botnet disrupted, malware removed from 700,000+ victim computers

Bogus OfficeNote app delivers XLoader macOS malware

A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample have appeared on VirusTotal throughout July, indicating that the malware has been widely distributed in the wild,” SentinelOne researchers said. The new XLoader macOS malware variant XLoader is a malware-as-a-service infostealer and botnet that has been active since 2015, but first appeared as a macOS variant in 2021, written in Java. “The … More ? The post Bogus OfficeNote app delivers XLoader macOS malware appeared first on Help Net Security .

Link:
Bogus OfficeNote app delivers XLoader macOS malware

Zyxel firewalls under attack by Mirai-like botnet

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-28771 CVE-2023-28771 is a vulnerability that allows unauthenticated attackers to execute OS commands remotely by sending crafted IKE (Internet Key Exchange) packets to an affected device. Fixed by Zyxel in April 2023, it was expected to be quickly exploited by attackers once technical write-ups and … More ? The post Zyxel firewalls under attack by Mirai-like botnet appeared first on Help Net Security .

See the article here:
Zyxel firewalls under attack by Mirai-like botnet

Gambling sites are losing significant amounts of revenue due to raising DDoS attacks

Imperva releases data showing that 25% of all gambling sites were hit with DDoS attacks executed by botnets in June. This Help Net Security video uncovers how DDoS attacks on gambling sites lead to lost revenue and consumer trust. The post Gambling sites are losing significant amounts of revenue due to raising DDoS attacks appeared first on Help Net Security .

More here:
Gambling sites are losing significant amounts of revenue due to raising DDoS attacks

80,000 internet-connected cameras still vulnerable after critical patch offered

Just more IoT conscripts for the botnet armies Tens of thousands of internet-facing IP cameras made by China-based Hikvision remain unpatched and exploitable despite a fix being issued for a critical security bug nearly a year ago.…

See the original article here:
80,000 internet-connected cameras still vulnerable after critical patch offered

Cybercriminals are using bots to deploy DDoS attacks on gambling sites

Imperva releases data showing that 25% of all gambling sites were hit with DDoS attacks executed by botnets in June. As the Wimbledon tennis tournament began at the end of June, DDoS attacks increased and impacted 10% of gambling sites. This continues a damaging pattern for the industry with 40% of gambling sites suffering attacks in the last 12 months, 80% of whom were hit multiple times. Overall, the number of application layer DDoS attacks … More ? The post Cybercriminals are using bots to deploy DDoS attacks on gambling sites appeared first on Help Net Security .

Originally posted here:
Cybercriminals are using bots to deploy DDoS attacks on gambling sites

Emotet stages a comeback via Trickbot and spam

Emotet is back – a number of researchers have confirmed. About Emotet Emotet is a modular banking trojan that also functions as a downloader of other trojans and malware/ransomware. In January 2021, law enforcement and judicial authorities worldwide moved together to perform a global takedown of the Emotet botnet, and in April 2021 they performed a coordinated, widespread uninstall of the malware from infected machines via a module they propagated in January, effectively crippling the … More ? The post Emotet stages a comeback via Trickbot and spam appeared first on Help Net Security .

Visit site:
Emotet stages a comeback via Trickbot and spam