Articles about botnet

Don't all rush out at once, but there are a million devices ripe to be the next big botnet

A wormable vulnerability involving an estimated one million digital video recorders (DVR) is at risk of creating a Mirai-style botnet, security researchers warn. UK-based security consultancy Pen Test Partners said that the issue stems from a zero-day (unpatched) flaw in networking software from Chinese manufacturer XiongMai …
John Leyden, 15 Jun 2017

'Jaff' argh snakes: 5m emails/hour ransomware floods inboxes

The Necurs botnet has been harnessed to fling a new strain of ransomware dubbed "Jaff". Jaff spreads in a similar way to the infamous file-encrypting malware Locky and even uses the same payment site template, but is nonetheless a different monster. Attached to dangerous emails is an infectious PDF containing an embedded DOCM …
John Leyden, 12 May 2017

Another IoT botnet has been found feasting on vulnerable IP cameras

Researchers have discovered yet another IoT botnet. Persirai targets more than a thousand different internet protocol camera models. Researchers at Trend Micro warn that 120,000 web-connected cameras are vulnerable to the malware. Consumers would, in most cases, be unaware that their devices are even exposed to the internet …
John Leyden, 10 May 2017

Mysterious Hajime botnet has pwned 300,000 IoT devices

Hajime – the "vigilante" IoT worm that blocks rival botnets – has built up a compromised network of 300,000 malware-compromised devices, according to new figures from Kaspersky Lab. The steadily spreading Hajime IoT worm fights the Mirai botnet for control of easy-to-hack IoT products. The malware is billed as a vigilante- …
John Leyden, 27 Apr 2017

Beware of geeks bearing gifts: Evil game guides infect 2 million Androids

Ad-displaying malware in nearly 50 apps on the Google Play Store has infected nearly two million phones. And it's all thanks to a combination of user stupidity, and the ad giant failing to spot and remove the software nasty lurking in its application souk. The rogue code – dubbed Falseguide because it is contained within game …
Iain Thomson, 26 Apr 2017

Interpol unplugs nearly 9,000 Asian command and control networks

An Interpol investigation has revealed a worrying degree of insecurity in south-east Asian countries, with even government-operated web servers infected to operate as command and control systems for bot-herders. The investigation turned up and shut down 9,000 C&C servers across “hundreds” of compromised Websites in Indonesia, …

Russian hacker arrested in Spain for bot-herding not election-fiddling

Last week ended badly for Russian hackers. The United States Department of Justice revealed that Peter Yuryevich Levashov was picked up in Barcelona a couple of weeks back for his association with the Kelihos botnet. Levashov said he'd been told the arrest was due to his creation of a virus in some way linked to the Russia's …
Simon Sharwood, 24 Apr 2017

'Amnesia' IoT botnet feasts on year-old unpatched vulnerability

Hackers have brewed up a new variant of the IoT/Linux botnet "Tsunami" that exploits a year-old but as yet unresolved vulnerability. The Amnesia botnet targets an unpatched remote code execution vulnerability publicly disclosed more than a year ago in DVR (digital video recorder) devices made by TVT Digital and branded by over …
John Leyden, 7 Apr 2017

Strange Mirai botnet brew blamed for powerful application layer attack

Hackers have created a potent new variant of the Mirai IoT malware. The latest variant is capable of launching application layer attacks rather than simply flooding targeted sites with junk traffic. The new botnet has already been used to hit a US college with a two-day-long attack late last month, DDoS mitigation outfit …
John Leyden, 29 Mar 2017

FBI secures guilty plea from Russian bot-herder

A Russian citizen behind “tens of thousands” of Ebury trojan infections has entered a guilty plea in the US and will face sentencing in August. The US Department of Justice indicted Maxim Senakh, now 41, in January 2015. Ebury was a trojan carrying an SSH rootkit and putting backdoors into its targets, which were Linux, …

Web smut seekers take resurgent Ramnit malware from behind

Aficionados of salacious smut sites in the UK and Canada are picking up some nasty software that infects systems by using corrupted pop-under adverts. Security researchers at Malwarebytes Labs running a malware honeypot have started noticing a resurgence in the Ramnit trojan among the samples. Ramnit was a particularly …
Iain Thomson, 22 Mar 2017

World's worst botnet fiends switch from ransomware to stock scam spam

Cybercriminals behind the Necurs botnet have reactivated the zombie network and returned to their original business of using compromised machines as conduits for spam distribution. In January, Cisco Talos reported that the Necurs botnet had gone offline, taking the typical volume of Locky ransomware-tainted spam emails with it …
John Leyden, 21 Mar 2017

University DDoS'd by its own seafood-curious malware-infected vending machines

A US university saw its network traffic slow to a crawl thanks to an IoT malware infection that hit, among other things, its vending machines. The unnamed university had its story told by Verizon Enterprise in a sneak preview [PDF] of its 2017 Data Breach Digest report. The story, as told by an also unnamed senior IT staffer …
Shaun Nichols, 13 Feb 2017

Hacker: I made 160,000 printers spew out ASCII art around the world

Printers around the world have been hacked and instructed to churn out pages and even sales receipts of alarming ASCII art. The messages, which began spewing from internet-connected printers on Thursday, read: "Hacked. Stackoverflowin/stack the almighty, hacker god has returned to his throne, as the greatest memegod. Your …
Iain Thomson, 6 Feb 2017

Google mistakes the entire NHS for massive cyber-attacking botnet

Exclusive: Google is blocking access to the entire NHS network, mistaking the amount of traffic it is currently receiving as a cyber attack. An email from an NHS trust's IT department seen by The Register confirmed that the US search giant has mistaken the current traffic levels for a botnet. The email headed "Google Access" stated: " …
Kat Hall, 1 Feb 2017

Mirai variant turns TalkTalk routers into zombie botnet agents

Hundreds of Mirai-infected home routers across the UK are currently acting as DDoS bots. The vast majority (99 per cent) of these 2,398 Mirai-infected devices are TalkTalk routers, according to security researchers at DDoS mitigation firm Imperva Incapsula. “The botnet devices’ geolocation is very uncommon for DDoS botnets …
John Leyden, 8 Dec 2016

CloudFlare warns of another massive botnet, er, flaring up

CloudFlare has warned of another massive botnet that appears to be ramping up and targeting the US West Coast. In a blog post, the content delivery network said it has been watching a flood of attack traffic that started two weeks ago and appears to have been coming from one person testing out its abilities before moving it to …

Sh... IoT just got real: Mirai botnet attacks targeting multiple ISPs

Analysis: The Mirai botnet has struck again, with hundreds of thousands of TalkTalk and Post Office broadband customers affected. The two ISPs join a growing casualty list from a wave of assaults that have also affected customers at Deutsche Telekom, KCOM and Irish telco Eir over the last two weeks or so. Problems at the Post Office …
John Leyden, 2 Dec 2016

Biting the hand that feeds IT © 1998–2017