Articles about botnet


Interpol unplugs nearly 9,000 Asian command and control networks

An Interpol investigation has revealed a worrying degree of insecurity in south-east Asian countries, with even government-operated web servers infected to operate as command and control systems for bot-herders. The investigation turned up and shut down 9,000 C&C servers across “hundreds” of compromised websites in Indonesia, …

Russian hacker arrested in Spain for bot-herding not election-fiddling

Last week ended badly for Russian hackers. The United States Department of Justice revealed that Peter Yuryevich Levashov was picked up in Barcelona a couple of weeks back for his association with the Kelihos botnet. Levashov said he'd been told the arrest was due to his creation of a virus in some way linked to Russia's …
Simon Sharwood, 24 Apr 2017

'Amnesia' IoT botnet feasts on year-old unpatched vulnerability

Hackers have brewed up a new variant of the IoT/Linux botnet "Tsunami" that exploits a year-old but as yet unresolved vulnerability. The Amnesia botnet targets an unpatched remote code execution vulnerability publicly disclosed more than a year ago in DVR (digital video recorder) devices made by TVT Digital and branded by over …
John Leyden, 7 Apr 2017

Strange Mirai botnet brew blamed for powerful application layer attack

Hackers have created a potent new variant of the Mirai IoT malware. The latest variant is capable of launching application layer attacks rather than simply flooding targeted sites with junk traffic. The new botnet has already been used to hit a US college with a two-day-long attack late last month, DDoS mitigation outfit …
John Leyden, 29 Mar 2017

FBI secures guilty plea from Russian bot-herder

A Russian citizen behind “tens of thousands” of Ebury trojan infections has entered a guilty plea in the US and will face sentencing in August. The US Department of Justice indicted Maxim Senakh, now 41, in January 2015. Ebury was a trojan carrying an SSH rootkit and putting backdoors into its targets, which were Linux, …

GiftGhostBot scares up victims' gift-card cash with brute-force attacks

Cybercrooks are using a bot to automate the process of breaking into and draining online gift card accounts. The software nasty, named GiftGhostBot, attempts to steal cash from money-loaded gift cards provided by a variety of retailers around the globe, according to Distil Networks. Any website – from luxury retailers to …
John Leyden, 24 Mar 2017

Web smut seekers take resurgent Ramnit malware from behind

Aficionados of salacious smut sites in the UK and Canada are picking up some nasty software that infects systems by using corrupted pop-under adverts. Security researchers at Malwarebytes Labs running a malware honeypot have started noticing a resurgence in the Ramnit trojan among the samples. Ramnit was a particularly …
Iain Thomson, 22 Mar 2017

World's worst botnet fiends switch from ransomware to stock scam spam

Cybercriminals behind the Necurs botnet have reactivated the zombie network and returned to their original business of using compromised machines as conduits for spam distribution. In January, Cisco Talos reported that the Necurs botnet had gone offline, taking the typical volume of Locky ransomware-tainted spam emails with it …
John Leyden, 21 Mar 2017

University DDoS'd by its own seafood-curious malware-infected vending machines

A US university saw its network traffic slow to a crawl thanks to an IoT malware infection that hit, among other things, its vending machines. The unnamed university had its story told by Verizon Enterprise in a sneak preview [PDF] of its 2017 Data Breach Digest report. The story, as told by an also unnamed senior IT staffer …
Shaun Nichols, 13 Feb 2017

Hacker: I made 160,000 printers spew out ASCII art around the world

Printers around the world have been hacked and instructed to churn out pages and even sales receipts of alarming ASCII art. The messages, which began spewing from internet-connected printers on Thursday, read: "Hacked. Stackoverflowin/stack the almighty, hacker god has returned to his throne, as the greatest memegod. Your …
Iain Thomson, 6 Feb 2017

Google mistakes the entire NHS for massive cyber-attacking botnet

Exclusive: Google is blocking access to the entire NHS network, mistaking the amount of traffic it is currently receiving as a cyber attack. An email from an NHS trust's IT department seen by The Register confirmed that the US search giant has mistaken the current traffic levels for a botnet. The email headed "Google Access" stated: " …
Kat Hall, 1 Feb 2017

Mirai variant turns TalkTalk routers into zombie botnet agents

Hundreds of Mirai-infected home routers across the UK are currently acting as DDoS bots. The vast majority (99 per cent) of these 2,398 Mirai-infected devices are TalkTalk routers, according to security researchers at DDoS mitigation firm Imperva Incapsula. “The botnet devices’ geolocation is very uncommon for DDoS botnets …
John Leyden, 8 Dec 2016

CloudFlare warns of another massive botnet, er, flaring up

CloudFlare has warned of another massive botnet that appears to be ramping up and targeting the US West Coast. In a blog post, the content delivery network said it has been watching a flood of attack traffic that started two weeks ago and appears to have been coming from one person testing out its abilities before moving it to …

Sh... IoT just got real: Mirai botnet attacks targeting multiple ISPs

Analysis: The Mirai botnet has struck again, with hundreds of thousands of TalkTalk and Post Office broadband customers affected. The two ISPs join a growing casualty list from a wave of assaults that have also affected customers at Deutsche Telekom, KCOM and Irish telco Eir over the last two weeks or so. Problems at the Post Office …
John Leyden, 2 Dec 2016

Online criminals iced as cops bury malware-spewing Avalanche

On November 30, simultaneous raids in five countries by the FBI, Europol, and the UK's National Crime Agency (NCA) finally shuttered the Avalanche criminal network that has been spewing malware and money laundering campaigns for the past seven years. The Avalanche network was a system of 600 servers around the world that were …
Iain Thomson, 1 Dec 2016

Origin of the beasties: Mirai botnet missing link revealed as DVR player

Security researchers have discovered a "missing link" in the Mirai botnet that may prompt a rethink in what makes up the zombie network. The release of Mirai's source code in early October revealed that the malware scans for telnet before attempting to hack into devices, using a brute-force attack featuring 61 different user/ …
John Leyden, 14 Nov 2016

Russian banks floored by withering DDoS attacks

At least five Russian banks weathered days-long DDoS attacks this week. A wave of assaults began on Tuesday afternoon and continued over the next two days. Victims include Sberbank and Alfabank, both of which confirmed DDoS attacks on their online services, RT reports. The attacks were powered by compromised IoT devices, …
John Leyden, 11 Nov 2016

Finns chilling as DDoS knocks out building control system

Residents in two apartment buildings in the Finnish town of Lappeenranta had a chill-out lasting more than a week after a DDoS attack battered unprotected building management systems. The apartments are managed by a company called Valtia. The attack blocked the building management systems' Internet connections, according to …


Biting the hand that feeds IT © 1998–2018