Tag: botnet
-
Botnet ring hacked: researcher gains insight into Russian malware system
Wayne Huang, a security expert at Proofpoint, managed to gain access to the malware system of a cybercriminal group. His findings were published last week and offer a rare look into the anatomy of a malware operation, including its infrastructure, tools and fraud tactics. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2014/10/13/botnet-ring-gehackt-forscher-verschafft-sich-einsicht-russisches-malware-system/
-
Police detains Smokeloader malware customers, seizes servers
In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet’s customers and detained at least five individuals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-detains-smokeloader-malware-customers-seizes-servers/
-
Facebook also available via the Tor network
Facebook has now set up a service for users of the anonymous internet browser Tor. According to the weblog Gizmodo, an address created specifically for these users provides unrestricted access to the online network and at the same time ensures that Tor users are no longer blocked and treated as a botnet, as they were before. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2014/11/04/facebook-auch-uber-tor-netzwerk-verfugbar/
-
3.2 million affected: Europol takes down Ramnit botnet
As the European police agency Europol stated in a press release, the European Cybercrime Centre (EC3), working with police authorities in Germany, the United Kingdom, Italy and the Netherlands as well as partners from industry, was able to take down the Ramnit botnet. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/02/26/32-millionen-betroffene-europol-zerschlagt-ramnit-botnet/
-
Botnet malware: what is behind it and how do I protect myself?
Malware, or malicious code, has been in circulation in some form for more than 40 years. But the use of malware to remotely control multiple computers organized as a so-called botnet is a phenomenon of the 21st century. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2014/10/24/botnet-malware-was-steckt-dahinter-wie-schutze-ich-mich/
-
Botnet wants a visa: attack on Polish consulate
ESET's researchers recently came across an interesting piece of malware that targets a website of the Polish consulate. To understand the purpose of the malware, one first has to look at the application process for a visa. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/01/29/msilagent-pyo-botnet-will-polnisches-visum/
-
New Mirai Botnet Variant Exploits TVT DVRs to Gain Admin Control
GreyNoise has noted a sharp escalation in hacking attempts targeting TVT NVMS9000 Digital Video Recorders (DVRs). The surge in malicious activity, peaking on April 3, 2025, with over 2,500 unique IP addresses, suggests a new variant of the notorious Mirai botnet is at play, exploiting an information disclosure vulnerability to seize administrative control over these…
-
New Mirai botnet behind surge in TVT DVR exploitation
A significant spike in exploitation attempts targeting TVT NVMS9000 DVRs has been detected, peaking on April 3, 2025, with over 2,500 unique IPs scanning for vulnerable devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-mirai-botnet-behind-surge-in-tvt-dvr-exploitation/
-
DDoS attacks added to cyberwarfare toolkit amid AI, botnet enhancements
First seen on scworld.com Jump to article: www.scworld.com/brief/ddos-attacks-added-to-cyberwarfare-toolkit-amid-ai-botnet-enhancements
-
NSA warns that overlooked botnet technique threatens national security
Used by nation-states and crime groups, fast flux bypasses many common defenses. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/04/nsa-warns-that-overlooked-botnet-technique-threatens-national-security/
-
DDoS Attacks Now Key Weapons in Geopolitical Conflicts, NETSCOUT Warns
Hackers now use AI and botnets to launch powerful DDoS attacks, bypassing security and overwhelming servers as law enforcement struggles to keep up. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-ddos-cyberattacks-political-conflicts-netscout/
-
NSA and Global Allies Declare Fast Flux a National Security Threat
NSA and global cybersecurity agencies warn fast flux DNS tactic is a growing national security threat used in phishing, botnets, and ransomware. First seen on hackread.com Jump to article: hackread.com/nsa-allies-fast-flux-a-national-security-threat/
-
Additional details on Outlaw Linux cryptomining botnet emerge
First seen on scworld.com Jump to article: www.scworld.com/brief/additional-details-on-outlaw-linux-cryptomining-botnet-emerge
-
Hackers Exploit Apache Tomcat Flaw to Hijack Servers and Steal SSH Credentials
Tags: apache, attack, botnet, credentials, cyber, data-breach, exploit, flaw, hacker, linux, vulnerability, windows
A newly discovered attack campaign has exposed vulnerabilities in Apache Tomcat servers, allowing hackers to hijack resources and steal SSH credentials. Researchers from Aqua Nautilus revealed that these attacks, which weaponized botnets within 30 hours of discovery, employ encrypted payloads and advanced persistence mechanisms to infiltrate systems running both Windows and Linux platforms. The attackers…
-
Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers
Cybersecurity researchers have shed light on an “auto-propagating” cryptocurrency mining botnet called Outlaw (aka Dota) that’s known for targeting SSH servers with weak credentials. “Outlaw is a Linux malware that relies on SSH brute-force attacks, cryptocurrency mining, and worm-like propagation to infect and maintain control over systems,” Elastic Security Labs said in a new analysis First…
-
Legacy devices threaten security in companies
Tags: access, apache, authentication, botnet, bug, cisco, cloud, cve, cyberattack, dns, endpoint, firewall, Hardware, intelligence, Internet, ivanti, lazarus, linux, macOS, network, open-source, password, radius, ransomware, risk, router, sans, service, software, supply-chain, threat, update, vulnerability
Vulnerabilities in old network devices pose a considerable security risk for companies. An analysis by Cisco's threat intelligence team Talos shows that two of the three most common vulnerabilities targeted by attackers in 2024 were found in old network devices. The problem is that manufacturers no longer release patches for them. “This underscores how important it is for outdated components of the…
-
New IoT botnet “Ballista” attacks TP-Link routers
Security researchers from the threat research team at Cato Networks have identified a new threat: the IoT botnet “Ballista”. This malware exploits a serious security vulnerability in TP-Link Archer routers to spread unhindered across the internet. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/iot-botnetz-ballista-tp-link-router
-
U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: In early March, 2025, US CISA warned that multiple botnets are exploiting a…
-
Android devices and the BadBox malware
Android devices are threatened by malware known as BadBox. In early March 2025, security researchers freed a botnet of 500,000 infected devices from this malware. Android devices threatened by BadBox malware: I had, in December 2024, in the blog post BadBox: BSI warns of malware on … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/18/android-geraete-und-die-badbox-malware/
-
BADBOX 2.0 Botnet Infects 1 Million Android Devices for Ad Fraud and Proxy Abuse
At least four different threat actors have been identified as involved in an updated version of a massive ad fraud and residential proxy scheme called BADBOX, painting a picture of an interconnected cybercrime ecosystem. This includes SalesTracker Group, MoYu Group, Lemon Group, and LongTV, according to new findings from the HUMAN Satori Threat Intelligence and Research…
-
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
An unpatched security flaw impacting the Edimax IC-7100 network camera has been exploited by threat actors to deliver Mirai botnet malware variants since at least May 2024. The vulnerability in question is CVE-2025-1316 (CVSS v4 score: 9.3), a critical operating system command injection flaw that an attacker could exploit to achieve remote code execution on susceptible…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 37
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: Undercover miner: how YouTubers get pressed into distributing SilentCryptoMiner as a restriction bypass tool; Ragnar Loader; Desert Dexter. Attacks on Middle Eastern countries; Ballista New IoT Botnet Targeting Thousands of TP-Link Archer Routers; Microsoft patches […]…
-
Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware
Tags: botnet, cctv, cve, cyber, exploit, injection, intelligence, Internet, iot, malware, rce, remote-code-execution, vulnerability
A recent alert from the Akamai Security Intelligence and Response Team (SIRT) has highlighted the exploitation of a severe command injection vulnerability in Edimax Internet of Things (IoT) devices. This vulnerability, designated as CVE-2025-1316, has been actively used by multiple botnets to spread Mirai malware. Mirai is notorious for compromising IoT devices and orchestrating distributed…
-
The most notorious and damaging ransomware of all time
Tags: access, android, attack, backdoor, backup, banking, botnet, breach, communications, computer, control, credentials, cryptography, cyber, cybercrime, dark-web, data, defense, detection, email, encryption, endpoint, exploit, extortion, finance, flaw, framework, germany, google, government, group, hacker, hacking, healthcare, infection, infrastructure, international, jobs, korea, law, lazarus, leak, linux, malicious, malware, microsoft, mobile, msp, network, north-korea, office, open-source, oracle, password, phishing, phone, powershell, ransom, ransomware, russia, service, software, spam, switch, technology, threat, tool, ukraine, update, usa, virus, vulnerability, windows
Conti: History: First appearing in May 2020, the Conti RaaS platform is considered the successor to the Ryuk ransomware. As of January 2021, Conti is believed to have infected over 150 organizations and earned millions of dollars for its criminal developers and their affiliates. At least three new versions have been found since its inception. How it works: Conti uses the…
-
Unpatched Edimax Camera Flaw Exploited Since at Least May 2024
A recently disclosed Edimax zero-day vulnerability has been exploited in the wild by Mirai botnets for nearly a year. The post Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/unpatched-edimax-camera-flaw-exploited-since-at-least-may-2024/
-
Thousands Of Vulnerable TP-Link Routers Targeted By Ballista Botnet
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-vulnerable-tp-link-routers-targeted-by-ballista-botnet

