Tag: botnet
-
Botnets disrupted worldwide…Operation Endgame is BACK!
Operation Endgame, “Season 2”, is officially announced as of Friday, May 23rd, 2025. International law enforcement agencies and their partners have once again joined forces to disrupt and dismantle botnet infrastructure and their operators. In this post, get details of the take-down itself and Spamhaus’ role in victim account remediation. First seen on securityboulevard.com Jump…
-
DanaBot botnet disrupted, QakBot leader indicted
Operation Endgame, mounted by law enforcement and judicial authorities from the US, Canada and the EU, continues to deliver positive results by disrupting the DanaBot botnet … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/23/operation-endgame-danabot-botnet-disrupted-qakbot-leader-indicted/
-
Suspected creeps behind DanaBot malware that hit 300K+ computers revealed
And the associated fraud’n’spy botnet is about to be shut down First seen on theregister.com Jump to article: www.theregister.com/2025/05/23/300000_machine_danabot_endgame/
-
Feds Charge 16 Russians Allegedly Tied to Botnets Used in Ransomware, Cyberattacks, and Spying
A new US indictment against a group of Russian nationals offers a clear example of how, authorities say, a single malware operation can enable both criminal and state-sponsored hacking. First seen on wired.com Jump to article: www.wired.com/story/us-charges-16-russians-danabot-malware/
-
US indicts leader of Qakbot botnet linked to ransomware attacks
The U.S. government has indicted Russian national Rustam Rafailevich Gallyamov, the leader of the Qakbot botnet malware operation that compromised over 700,000 computers and enabled ransomware attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-indicts-leader-of-qakbot-botnet-linked-to-ransomware-attacks/
-
KrebsOnSecurity Hit with 6.3 Tbps DDoS Attack via Aisuru Botnet
KrebsOnSecurity hit and survived a record-breaking 6.3 Tbps DDoS attack linked to the Aisuru IoT botnet, but it shows the vulnerable state of IoT devices. First seen on hackread.com Jump to article: hackread.com/krebsonsecurity-6-3-tbps-ddos-attack-aisuru-botnet/
-
Attacks with new HTTPBot botnet bombard gaming, tech sectors
First seen on scworld.com Jump to article: www.scworld.com/brief/attacks-with-new-httpbot-botnet-bombard-gaming-tech-sectors
-
⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More
Cybersecurity leaders aren’t just dealing with attacks – they’re also protecting trust, keeping systems running, and maintaining their organization’s reputation. This week’s developments highlight a bigger issue: as we rely more on digital tools, hidden weaknesses can quietly grow. Just fixing problems isn’t enough anymore – resilience needs to be built into everything from the ground up.…
-
New botnet HTTPBot targets gaming and tech industries with surgical attacks
New botnet HTTPBot is targeting China’s gaming, tech, and education sectors, cybersecurity researchers warn. NSFOCUS cybersecurity discovered a new botnet called HTTPBot that has been used to target the gaming industry, technology firms, and educational institutions in China. HTTPBot is a Go-based botnet first detected in August 2024; however, its activity surged by April 2025. The botnet…
-
New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors
Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China. “Over the past few months, it has expanded aggressively, continuously leveraging infected devices to launch external attacks,” NSFOCUS said in a report published…
-
Critical Samsung MagicINFO flaw tapped for Mirai botnet distribution patched
First seen on scworld.com Jump to article: www.scworld.com/brief/critical-samsung-magicinfo-flaw-tapped-for-mirai-botnet-distribution-patched
-
Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit
Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 (CVSS score: 9.8), has been described as a path traversal flaw. “Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052…
-
New HTTPBot Botnet Rapidly Expands to Target Windows Machines
The HTTPBot Botnet, a novel Trojan developed in the Go programming language, has seen a sharp rise in activity since its first detection in August 2024. According to the latest findings from NSFOCUS Fuying Lab’s Global Threat Hunting system, HTTPBot has rapidly expanded its reach, particularly in April 2025, with over 200 attack instructions issued.…
-
Anyproxy, 5socks botnets disrupted in US crackdown
Tags: botnet First seen on scworld.com Jump to article: www.scworld.com/brief/anyproxy-5socks-botnets-disrupted-in-us-crackdown
-
Four Hackers Caught Exploiting Old Routers as Proxy Servers
U.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime scheme that hijacked outdated wireless routers to create malicious proxy networks. Russian nationals Alexey Viktorovich Chertkov (37), Kirill Vladimirovich Morozov (41), Aleksandr Aleksandrovich Shishkin (36), and Kazakhstani Dmitriy Rubtsov (38) face conspiracy and computer crime charges for allegedly profiting from botnets…
-
US seizes Anyproxy, 5socks botnets and indicts alleged administrators
The long-running botnet operation used malware that infected older wireless internet routers over a 20-year period, according to federal prosecutors. First seen on cyberscoop.com Jump to article: cyberscoop.com/anyproxy-5socks-botnets-seized/
-
Criminal Proxy Network Infects Thousands of IoT Devices
The criminal proxy network infected thousands of IoT and end-of-life devices, creating a dangerous botnet. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/proxy-network-infects-iot-devices/
-
20-Year-Old Proxy Botnet Network Dismantled After Exploiting 1,000 Unpatched Devices Each Week
A 20-year-old criminal proxy network has been disrupted through a joint operation involving Lumen’s Black Lotus Labs, the U.S. Department of Justice, the Federal Bureau of Investigation (FBI), and the Dutch National Police. This botnet, operational since 2004 according to its own claims, exploited an average of 1,000 unique Internet of Things (IoT) and end-of-life…
-
⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams
What do a source code editor, a smart billboard, and a web server have in common? They’ve all become launchpads for attacks – because cybercriminals are rethinking what counts as “infrastructure.” Instead of chasing high-value targets directly, threat actors are now quietly taking over the overlooked: outdated software, unpatched IoT devices, and open-source packages. It’s not…
-
Abused as a proxy: 20-year-old router botnet dismantled
A botnet made up of thousands of routers is said to have earned its operators more than 46 million US dollars. But that has now come to an end. First seen on golem.de Jump to article: www.golem.de/news/als-proxy-missbraucht-20-jahre-altes-router-botnetz-zerschlagen-2505-196100.html
-
Security Affairs newsletter Round 523 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ascension reveals personal data of 437,329 patients exposed in cyberattack Operation Moonlander dismantled the botnet behind Anyproxy and…
-
Feds disrupt proxyhire botnet, indict four alleged net miscreants
The FBI also issued a list of end-of-life routers you need to replace First seen on theregister.com Jump to article: www.theregister.com/2025/05/10/router_botnet_crashed/
-
Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services
Law enforcement dismantled a 20-year botnet behind Anyproxy and 5socks cybercriminals services and arrested four suspects. Authorities dismantled a 20-year-old botnet tied to Anyproxy and 5socks as part of an international operation codenamed “Operation Moonlander”
-
FBI warns that end of life devices are being actively targeted by threat actors
Tags: access, antivirus, attack, authentication, botnet, china, cisco, control, credentials, cve, data-breach, exploit, firewall, firmware, Hardware, identity, infection, intelligence, Internet, malware, network, password, router, sans, service, software, technology, threat, tool, update, vulnerability
Linksys E1200, E2500, E1000, E4200, E1500, E300, E3200, E1550, WRT320N, WRT310N, WRT610N; Cradlepoint E100; Cisco M10
Threat actors, notably Chinese state-sponsored actors, are successfully exploiting known vulnerabilities in routers exposed to the web through pre-installed remote management software, according to the FBI. They then install malware, set up a botnet, and sell proxy services or launch coordinated attacks. “The…
-
Three Russians, one Kazakhstani charged in takedown of Anyproxy and 5socks botnets
U.S. prosecutors charged four foreign nationals and said a law enforcement operation seized internet domains associated with two powerful botnets. First seen on therecord.media Jump to article: therecord.media/5socks-anyproxy-botnets-takedown-russians-kazakhstani-charged
-
Feds Seize Domains in Global Proxy Botnet Crackdown
Russian, Kazakh Hackers Charged in $46M Proxy Botnet Scheme. Federal prosecutors charged four hackers for running a proxy botnet that exploited infected routers, using domains like Anyproxy.net to resell U.S. network access globally – and generating over $46M before a coordinated international takedown, according to a Friday indictment. First seen on govinfosecurity.com Jump to article:…
-
FBI and Dutch police seize and shut down botnet of hacked routers
U.S. authorities indicted three Russians and one Kazakhstan national for hacking and selling access to a botnet made of vulnerable internet-connected devices. First seen on techcrunch.com Jump to article: techcrunch.com/2025/05/09/fbi-and-dutch-police-seize-and-shut-down-botnet-of-hacked-routers/
-
Police dismantles botnet selling hacked routers as residential proxies
Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-dismantles-botnet-selling-hacked-routers-as-residential-proxies/
-
BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that’s powered by thousands of infected Internet of Things (IoT) and end-of-life (EoL) devices, enlisting them into a botnet for providing anonymity to malicious actors. In conjunction with the domain seizure, Russian nationals, Alexey Viktorovich Chertkov, 37, Kirill Vladimirovich…
-
Cybercriminal services target end-of-life routers, FBI warns
The FBI warns that attackers are using end-of-life routers to deploy malware and turn them into proxies sold on 5Socks and Anyproxy networks. The FBI released a FLASH alert warning about 5Socks and Anyproxy malicious services targeting end-of-life (EOL) routers. Attackers target EoL devices to deploy malware by exploiting vulnerabilities and create botnets for attacks…

