Articles about botnet

Mirai, Mirai, pwn them all, who's the greatest botnet on the whole?

The Mirai botnet is alive and kicking more than a year after its involvement in a DDoS attack that left many of the world's biggest websites unreachable. DNS provider Dyn reckons about 100,000 Mirai-infected gadgets knocked it out back in October 2016. A study by security ratings firm SecurityScorecard, out Tuesday, found that …
John Leyden, 7 Nov 2017

Reaper IoT botnet ain't so scary, contains fewer than 20,000 drones

The Reaper IoT botnet is nowhere near as threatening as previously suggested, according to new research. Check Point Software Technologies warned last week that a new IoT botnet might have already infected "an estimated million organisations". Boffins at Arbor Networks, however, estimate that the actual size of the Reaper …
John Leyden, 27 Oct 2017

New phishing campaign uses 30-year-old Microsoft mess as bait

The ever-vigilant folk at the Internet Storm Centre (SANS) have spotted yet another campaign trying to drop the Locky ransomware using compromised Word files. As Internet Storm Center handler Brad Duncan writes, the vector in the Word documents uses Microsoft Dynamic Data Exchange (DDE), a feature that lets Office application …

Do fear the Reaper: Huge army of webcams, routers raised from 'one million' hacked orgs

Miscreants are right now assembling a massive army of hacked Internet of Things devices – and at a far faster rate than the powerful Mirai botnet swelled its ranks last year. This new cyber-militia of compromised gadgets, dubbed IoT_reaper or Reaper by experts at Qihoo 360 Netlab, can be instructed by its masters to attack …
John Leyden, 20 Oct 2017

IoT botnet Linux.ProxyM turns its grubby claws to spam rather than DDoS

An IoT botnet is making a nuisance of itself online after becoming a conduit for spam distribution. Linux.ProxyM has the capability to engage in email spam campaigns with marked difference to other IoT botnets, such as Mirai, that infamously offered a potent platform for running distributed-denial-of-service attacks (DDoSing …
John Leyden, 22 Sep 2017

Top tip, hacker newbs: Don't use the same Skype ID for IoT bot herding and job ads

Updated An alleged teenage tearaway with a passion for building botnets was caught using the same Skype ID he used for hacking activities when applying for jobs. Researchers at NewSky Security claim they spotted the 13-year-old's Skype name on job ad message boards and a website called Daddyhackingteam, which hosts numerous code …
Iain Thomson, 7 Sep 2017

Tech firms take down WireX Android botnet

A coalition of tech firms has taken down the WireX botnet, a malware network run predominantly off Android phones running subverted apps. The botnet first popped up on security researchers' radars on August 2 in a small way, and within weeks the number of infected nodes had reached the tens of thousands. It appears that the …
Iain Thomson, 28 Aug 2017

Russian admits being Ebury botnet herder, now jailed for 46 months

A Russian man has been imprisoned for 46 months after admitting to using the Ebury malware to create a massive botnet for fun and profit. Maxim Senakh, 41, of Veliky Novgorod in Russia, was sentenced in Minnesota after pleading guilty to conspiracy to commit wire fraud and violating the Computer Fraud and Abuse Act. He was …
Iain Thomson, 3 Aug 2017

Don't all rush out at once, but there are a million devices ripe to be the next big botnet

A wormable vulnerability involving an estimated one million digital video recorders (DVR) is at risk of creating a Mirai-style botnet, security researchers warn. UK-based security consultancy Pen Test Partners said that the issue stems from a zero-day (unpatched) flaw in networking software from Chinese manufacturer XiongMai …
John Leyden, 15 Jun 2017

'Jaff' argh snakes: 5m emails/hour ransomware floods inboxes

The Necurs botnet has been harnessed to fling a new strain of ransomware dubbed "Jaff". Jaff spreads in a similar way to the infamous file-encrypting malware Locky and even uses the same payment site template, but is nonetheless a different monster. Attached to dangerous emails is an infectious PDF containing an embedded DOCM …
John Leyden, 12 May 2017

Another IoT botnet has been found feasting on vulnerable IP cameras

Researchers have discovered yet another IoT botnet. Persirai targets more than a thousand different internet protocol camera models. Researchers at Trend Micro warn that 120,000 web-connected cameras are vulnerable to the malware. Consumers would, in most cases, be unaware that their devices are even exposed to the internet …
John Leyden, 10 May 2017

Mysterious Hajime botnet has pwned 300,000 IoT devices

Hajime – the "vigilante" IoT worm that blocks rival botnets – has built up a compromised network of 300,000 malware-compromised devices, according to new figures from Kaspersky Lab. The steadily spreading Hajime IoT worm fights the Mirai botnet for control of easy-to-hack IoT products. The malware is billed as a vigilante- …
John Leyden, 27 Apr 2017

Beware of geeks bearing gifts: Evil game guides infect 2 million Androids

Ad-displaying malware in nearly 50 apps on the Google Play Store has infected nearly two million phones. And it's all thanks to a combination of user stupidity, and the ad giant failing to spot and remove the software nasty lurking in its application souk. The rogue code – dubbed Falseguide because it is contained within game …
Iain Thomson, 26 Apr 2017

Interpol unplugs nearly 9,000 Asian command and control networks

An Interpol investigation has revealed a worrying degree of insecurity in south-east Asian countries, with even government-operated web servers infected to operate as command and control systems for bot-herders. The investigation turned up and shut down 9,000 C&C servers across “hundreds” of compromised Websites in Indonesia, …

Russian hacker arrested in Spain for bot-herding not election-fiddling

Last week ended badly for Russian hackers. The United States Department of Justice revealed that Peter Yuryevich Levashov was picked up in Barcelona a couple of weeks back for his association with the Kelihos botnet. Levashov said he'd been told the arrest was due to his creation of a virus in some way linked to the Russia's …
Simon Sharwood, 24 Apr 2017

'Amnesia' IoT botnet feasts on year-old unpatched vulnerability

Hackers have brewed up a new variant of the IoT/Linux botnet "Tsunami" that exploits a year-old but as yet unresolved vulnerability. The Amnesia botnet targets an unpatched remote code execution vulnerability publicly disclosed more than a year ago in DVR (digital video recorder) devices made by TVT Digital and branded by over …
John Leyden, 7 Apr 2017

Strange Mirai botnet brew blamed for powerful application layer attack

Hackers have created a potent new variant of the Mirai IoT malware. The latest variant is capable of launching application layer attacks rather than simply flooding targeted sites with junk traffic. The new botnet has already been used to hit a US college with a two-day-long attack late last month, DDoS mitigation outfit …
John Leyden, 29 Mar 2017

FBI secures guilty plea from Russian bot-herder

A Russian citizen behind “tens of thousands” of Ebury trojan infections has entered a guilty plea in the US and will face sentencing in August. The US Department of Justice indicted Maxim Senakh, now 41, in January 2015. Ebury was a trojan carrying an SSH rootkit and putting backdoors into its targets, which were Linux, …


Biting the hand that feeds IT © 1998–2017