Articles about botnet

hacker

IoT search engine ZoomEye 'dumbs down' Dahua DVR hijackings by spewing passwords

Login passwords for tens of thousands of Dahua digital video recorder devices have been cached by ZoomEye, an IoT search engine, and published on the web so that even the dumbest hacker could crack unpatched kit. "A new low has been achieved in the ease of hacking IoT devices," said Ankit Anubhav, principal researcher at …
John Leyden, 16 Jul 2018
Hand pulls on a latex rubber glove (disposable). Photo by shutterstock

Dr Symantec offers quick and painless checkup for VPNFilter menace on routers

Clean-up efforts to respond to the VPNFilter malware have accelerated with the release of a free check-up tool. Even though the utility from Symantec only looks to see if traffic has been manipulated, rather than confirming an infection, third-party experts have nonetheless welcomed its release. VPNFilter, discovered by …
John Leyden, 2 Jul 2018

Hot new application for blockchain: How does botnet control sound?

BSides Tel Aviv Blockchain technologies might be abused to create a takedown-resistant infrastructure for botnets. During a presentation at BSides Tel Aviv on Tuesday, security researcher Omer Zohar demonstrated proof-of-concept code for a fully functional command-and-control infrastructure built on top of the Ethereum network. Zohar was …
John Leyden, 20 Jun 2018
Young guy facepalms while holding a laptop

Pwn goal: Hackers used the username root, password root for botnet control database login

An IoT botnet has been commandeered by white hats after its controllers used a weak username and password combination for its command-and-control server. Ankit Anubhav, of Newsky Security, said researchers with the company were able to take over the MySQL server used to control the Owari botnet – thanks to its creator leaving …
Shaun Nichols, 6 Jun 2018
hacker

NSA code backported, crims cuffed, leaky AWS S3 buckets, and more

Roundup Here's a roundup of this week's security news, beyond what we've already covered, to kickstart your weekend. You dirty RAT Scumbags could, once upon a time, buy a remote access trojan called Luminosity Link for about $40, and get a piece of malware that, when installed on victims' PCs, would spy on their activities, disable …
Iain Thomson, 10 Feb 2018
Image by rudall30 http://www.shutterstock.com/gallery-573151p1.html

Fresh botnet recruiting routers with weak credentials

Security researchers believe the author of the Satori botnet is at it again, this time attacking routers to craft a botnet dubbed "Masuta". The early-January Satori botnet attacked a Huawei router zero-day. Masuta also hits routers. According to NewSky's analysis, the attack comes in two flavours. There's Masuta, which takes …
Penguins line up to dive into the icy water from the ice floe.

New Mirai botnet species 'Okiru' hunts for ARC-based kit

A new variant of the notorious Mirai malware is exploiting kit with ARC processors. The nasty, dubbed Okiru, is the first capable of infecting devices powered by ARC CPUs. This is according to Japan-based malware researcher UnixFreaxjp of the infosec group Malware Must Die. RISC-based ARC embedded processors are used in a …
John Leyden, 16 Jan 2018
botnet

OK, OK, MIRA-I DID IT: Botnet-building compsci kid comes clean

A former New Jersey college student has copped to helping create and run the massive Mirai DDoS botnet. Paras Jha, 21, pleaded guilty this month in an Alaska district court to two counts [PDF, PDF] of conspiracy to commit "fraud and related activity in connection with computers." In plea deals with US prosecutors, unsealed …
Shaun Nichols, 13 Dec 2017
closed sign

International team takes down virus-spewing Andromeda botnet

Police and private companies have taken down a massive botnet used to move malware onto compromised PCs. The Andromeda botnet, also known as Gamarue, is thought to have spanned over two million PCs and distributed over 80 types of malware onto infected PCs. It was shut down on November 29 in a combined operation by Europol, …
Iain Thomson, 5 Dec 2017

Mirai, Mirai, pwn them all, who's the greatest botnet on the whole?

The Mirai botnet is alive and kicking more than a year after its involvement in a DDoS attack that left many of the world's biggest websites unreachable. DNS provider Dyn reckons about 100,000 Mirai-infected gadgets knocked it out back in October 2016. A study by security ratings firm SecurityScorecard, out Tuesday, found that …
John Leyden, 7 Nov 2017

Reaper IoT botnet ain't so scary, contains fewer than 20,000 drones

The Reaper IoT botnet is nowhere near as threatening as previously suggested, according to new research. Check Point Software Technologies warned last week that a new IoT botnet might have already infected "an estimated million organisations". Boffins at Arbor Networks, however, estimate that the actual size of the Reaper …
John Leyden, 27 Oct 2017

New phishing campaign uses 30-year-old Microsoft mess as bait

The ever-vigilant folk at the Internet Storm Centre (SANS) have spotted yet another campaign trying to drop the Locky ransomware using compromised Word files. As Internet Storm Center handler Brad Duncan writes, the vector in the Word documents uses Microsoft Dynamic Data Exchange (DDE), a feature that lets Office application …

Do fear the Reaper: Huge army of webcams, routers raised from 'one million' hacked orgs

Miscreants are right now assembling a massive army of hacked Internet of Things devices – and at a far faster rate than the powerful Mirai botnet swelled its ranks last year. This new cyber-militia of compromised gadgets, dubbed IoT_reaper or Reaper by experts at Qihoo 360 Netlab, can be instructed by its masters to attack …
John Leyden, 20 Oct 2017
Spam musubi

IoT botnet Linux.ProxyM turns its grubby claws to spam rather than DDoS

An IoT botnet is making a nuisance of itself online after becoming a conduit for spam distribution. Linux.ProxyM has the capability to engage in email spam campaigns with marked difference to other IoT botnets, such as Mirai, that infamously offered a potent platform for running distributed-denial-of-service attacks (DDoSing …
John Leyden, 22 Sep 2017
Dunce

Top tip, hacker newbs: Don't use the same Skype ID for IoT bot herding and job ads

Updated An alleged teenage tearaway with a passion for building botnets was caught using the same Skype ID he used for hacking activities when applying for jobs. Researchers at NewSky Security claim they spotted the 13-year-old's Skype name on job ad message boards and a website called Daddyhackingteam, which hosts numerous code …
Iain Thomson, 7 Sep 2017

Tech firms take down WireX Android botnet

A coalition of tech firms has taken down the WireX botnet, a malware network run predominantly off Android phones running subverted apps. The botnet first popped up on security researchers' radars on August 2 in a small way, and within weeks the number of infected nodes had reached the tens of thousands. It appears that the …
Iain Thomson, 28 Aug 2017
Bear

Russian admits being Ebury botnet herder, now jailed for 46 months

A Russian man has been imprisoned for 46 months after admitting to using the Ebury malware to create a massive botnet for fun and profit. Maxim Senakh, 41, of Veliky Novgorod in Russia, was sentenced in Minnesota after pleading guilty to conspiracy to commit wire fraud and violating the Computer Fraud and Abuse Act. He was …
Iain Thomson, 3 Aug 2017

Don't all rush out at once, but there are a million devices ripe to be the next big botnet

A wormable vulnerability involving an estimated one million digital video recorders (DVR) is at risk of creating a Mirai-style botnet, security researchers warn. UK-based security consultancy Pen Test Partners said that the issue stems from a zero-day (unpatched) flaw in networking software from Chinese manufacturer XiongMai …
John Leyden, 15 Jun 2017

Create a news alert about botnet, or find more stories about botnet.

Biting the hand that feeds IT © 1998–2018