Tag: botnet
-
SystemBC malware turns infected VPS systems into proxy highway
The operators of the SystemBC proxy botnet are hunting for vulnerable commercial virtual private servers (VPS) and maintain an average of 1,500 bots every day that provide a highway for malicious traffic. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/systembc-malware-turns-infected-vps-systems-into-proxy-highway/
-
AISURU Botnet Fuels Record-Breaking 11.5 Tbps DDoS Attack With 300,000 Hijacked Routers
The newly identified AISURU botnet, leveraging an estimated 300,000 compromised routers worldwide, has been pinpointed as the force behind a record-shattering 11.5 Tbps distributed denial-of-service (DDoS) attack in September 2025. This unprecedented assault eclipses the previous 5.8 Tbps peak seen earlier in the year and underscores a dangerous escalation in botnet scale and sophistication. First…
-
Huge DDoS Botnet: More Than Five Million Devices Attack Servers
The botnet has grown by a factor of 4 since March. 5.76 million IP addresses are said to have been involved in the most recent DDoS attack. First seen on golem.de Jump to article: www.golem.de/news/riesiges-ddos-botnetz-mehr-als-fuenf-millionen-geraete-greifen-server-an-2509-200084.html
-
Qrator Labs Mitigated Record L7 DDoS Attack from 5.76M-Device Botnet
Qrator Labs blocked a record L7 DDoS attack from a 5.76M-device botnet targeting government systems, showing rapid global growth since March. First seen on hackread.com Jump to article: hackread.com/qrator-labs-mitigate-l7-ddos-attack-5-76m-botnet/
-
Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record Attacks
In a stark reminder of how vulnerable online services remain, Qrator Labs has revealed that a sprawling Layer 7 distributed denial-of-service (DDoS) botnet has swelled to over 5.76 million compromised devices, unleashing unprecedented traffic against critical infrastructures. Monitored since late March, the botnet has been used in a series of three large-scale attacks that demonstrate…
-
Compromised Residential Proxy Networks
Researchers at Censys have analyzed residential proxy networks. In doing so, they examined a suspected ORB (Operation Relay Boxes) network that was active in early August 2025 with almost 40,000 devices. Polaredge shows how modern IoT botnets are evolving from short-lived outbreaks into a persistent, globally distributed infrastructure that covertly supports malicious operations over the long term. A deeper understanding of the infrastructure […]…
-
New Docker Malware Strain Spotted Blocking Rivals on Exposed APIs
Akamai finds new Docker malware blocking rivals on exposed APIs, replacing cryptominers with tools that hint at early botnet development. First seen on hackread.com Jump to article: hackread.com/new-docker-malware-blocking-rivals-exposed-apis/
-
When Hackers Pivot and Hospitals Freeze: What the Latest Threats Reveal About Cybercrime’s New Playbook
What do a pharma firm, a hospital service provider, and your smart doorbell have in common? They were all targets in cyberattacks last month. Here’s the August end-of-month threat rundown from the ColorTokens Threat Advisory Team, a peek into how threat actors are rewriting the rules, one zero-day or botnet at a time. And if…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 60
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: The Resurgence of IoT Malware: Inside the Mirai-Based “Gayfemboy” Botnet Campaign; Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth; The Silent, Fileless Threat of VShell; Android backdoor spies on […]…
-
New Stealthy Malware Hijacking Cisco, TP-Link, and Other Routers for Remote Control
FortiGuard Labs has uncovered a sophisticated malware campaign targeting critical infrastructure devices from multiple vendors, with the “Gayfemboy”…
-
IoT under siege: The return of the Mirai-based Gayfemboy Botnet
Mirai-based Gayfemboy botnet resurfaces, evolving to target systems worldwide; Fortinet researchers provided details about the new campaign. FortiGuard Labs researchers tracked a new Gayfemboy botnet campaign; the malware exploits known flaws in DrayTek, TP-Link, Raisecom, and Cisco, showing evolved tactics and renewed activity. The Gayfemboy botnet was first identified in February 2024; it borrows the…
-
GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets
Tags: attack, botnet, crypto, cve, cybercrime, cybersecurity, exploit, iot, malicious, vulnerability. Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure. The first set of attacks entails the exploitation of CVE-2024-36401 (CVSS score: 9.8), a critical… First seen on thehackernews.com Jump to…
-
US Officials Claim to Have Gained Control of the RapperBot
Overview: Recently, US officials claimed to have successfully gained control of RapperBot, effectively curbing this powerful source of DDoS attacks. The operation pinpointed the key figure behind the botnet, Ethan Foltz. According to the investigation, Foltz has been developing and operating RapperBot since 2021, with his residence in Eugene, Oregon, USA. Since its activity, the…
-
US charges Oregon man in vast botnet-for-hire operation
Federal prosecutors called Rapper Bot one of the most powerful DDoS botnets in history. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/us-charges-oregon-man-botnet-for-hire/758293/
-
US cops wrap up RapperBot, one of world’s biggest DDoS-for-hire rackets
Feds say Mirai-spawned botnet blasted 370K attacks before AWS and pals helped yank its servers. First seen on theregister.com Jump to article: www.theregister.com/2025/08/21/rapperbot_seized/
-
Oregon Man Charged in Rapper Bot DDoS-for-Hire Case
A 22-year-old Oregon man has been charged with administering the Rapper Bot DDoS-for-hire botnet. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/oregon-man-charged-in-rapper-bot/
-
22-year-old Operator of ‘Rapper Bot’ Botnet Charged for Launching 3 Tbps DDoS Attack
Federal authorities have charged a 22-year-old Oregon man with operating one of the most powerful distributed denial-of-service (DDoS) botnets ever discovered, marking a significant victory in the ongoing battle against cybercriminal infrastructure. Ethan Foltz of Eugene, Oregon, faces federal charges for allegedly developing and administering the “Rapper Bot”…
-
Alleged Rapper Bot DDoS botnet master arrested, charged
US federal prosecutors have charged a man with running Rapper Bot, a powerful botnet that was rented out to launch large-scale distributed denial-of-service (DDoS) attacks … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/20/alleged-rapper-bot-ddos-botnet-master-arrested-charged/
-
DOJ takes action against 22-year-old running RapperBot Botnet
DOJ charges 22-year-old Ethan Foltz of Oregon for running RapperBot, a DDoS botnet behind 370K+ attacks in 80+ countries since 2021. The U.S. DOJ charged 22-year-old Ethan Foltz of Oregon for running the RapperBot botnet, used in over 370,000 DDoS-for-hire attacks since 2021. The criminal service is active in over 80 countries. RapperBot enabled large-scale…
-
Feds Seize Powerful DDoS-for-Hire Service ‘Rapper Botnet’
22-Year-Old Oregon Man Charged With Selling DDoS Attacks Using Mirai Variant. Federal prosecutors have charged Oregon man Ethan Foltz, 22, with administering an on-demand service for disrupting websites called Rapper Bot. Resulting distributed-denial-of-service attacks disrupted DeepSeek and X, as well as the U.S. Department of Defense, which is leading the investigation. First seen on govinfosecurity.com…
-
Feds charge alleged administrator of ‘sophisticated’ Rapper Bot botnet
A 22-year-old Oregon man has been charged with running a powerful botnet-for-hire service used to launch hundreds of thousands of cyberattacks worldwide, the U.S. Justice Department said. First seen on therecord.media Jump to article: therecord.media/feds-charge-botnet-admin
-
Oregon Man Charged in Global “Rapper Bot” DDoS-for-Hire Scheme
A massive cybercrime operation tied to one of the internet’s most powerful DDoS-for-hire botnets, Rapper Bot, has been brought down, and at the center of the case is a 22-year-old man from Eugene, Oregon. According to a federal criminal complaint filed on August 6, 2025, in the District of Alaska, Ethan Foltz is alleged to…
-
DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks
A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service (DDoS)-for-hire botnet called RapperBot. Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice (DoJ) said. The botnet has been used to carry out large-scale DDoS-for-hire attacks…
-
Officials gain control of Rapper Bot DDoS botnet, charge lead developer and administrator
The DDoS botnet was among the most powerful on record, allegedly exceeding six terabits per second during its largest attack, authorities said. Victims are spread across 80 countries. First seen on cyberscoop.com Jump to article: cyberscoop.com/rapper-bot-ddos-botnet-disrupted/

