2014, DDOS and IoT - Cyber Security Informer

Courts Hand Down Hard Jail Time for DDoS

Krebs on Security

JANUARY 14, 2019

On Friday, a 34-year-old Connecticut man received a whopping 10-year prison sentence for carrying out distributed denial-of-service (DDoS) attacks against a number of hospitals in 2014. Daniel Kaye , an Israel-U.K.

DDOS

DDOS Internet Internet Spyware

Hoaxcalls Botnet expands the target list and adds new DDoS capabilities

Security Affairs

APRIL 24, 2020

The Hoaxcalls IoT botnet expanded the list of targeted devices and has added new distributed denial of service (DDoS) capabilities. The botnet was initially designed to launch DDoS attacks using UDP, DNS and HEX floods. Experts also noticed that the new variant implements 16 new DDoS capabilities. score of 9.8

DDOS

DDOS IoT Advertising DNS

Kaiji, a new Linux malware targets IoT devices in the wild

Security Affairs

MAY 5, 2020

Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. Last week, the popular security researcher MalwareMustDie and the experts at Intezer Labs spotted a new piece of malware dubbed Kaiji, that is targeting IoT devices via SSH brute-force attacks.

IoT

IoT Malware DDOS Advertising

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. reads the analysis published by the experts. ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

The FBI issued an alert last week warning about the discovery of new network protocols that have been exploited to launch large-scale DDoS attacks. The Federal Bureau of Investigation sent an alert last week warning about large-scale distributed denial of service (DDoS) attacks that abused new network protocols. continues the report.

DDOS

DDOS IoT Internet Internet

The Dutch police took down 15 DDoS-for-hire services in a week

Security Affairs

APRIL 13, 2020

Dutch authorities have taken down 15 DDoS-for-hire services in a week, this is another success of law enforcement in the fight against cybercrime. An operation conducted by Dutch authorities last week has shut down 15 DDoS-for-hire services (aka DDoS booters or DDoS stressor), states a press release published by Dutch police.

DDOS

DDOS Cybercrime Advertising Government

Developer of DDoS Mirai based botnets sentenced to prison

Security Affairs

JUNE 26, 2020

A man accused to have developed distributed denial of service (DDoS) botnets based on the Mirai botnet was sentenced to 13 months in federal prison. Schuchman compromised hundreds of thousands of IoT devices, including home routers and IP cameras, to create multiple DDoS IoT botnets that he rented to carry out the attacks.

DDOS

DDOS IoT Advertising Internet

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. Pierluigi Paganini.

IoT

IoT Firmware Advertising DNS

New XORDDoS, Kaiji DDoS botnet variants target Docker servers

Security Affairs

JUNE 24, 2020

Operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online, Trend Micro warns. Trend Micro researchers reported that operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online. ” reads the analysis published by Trend Micro. .

DDOS

DDOS Malware Advertising IoT

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS

DDOS Architecture Malware Cybercrime

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. According to ZDNet that first published the news, the list was leaked on a popular hacking forum by the operator of a DDoS booter service. ” reported ZDNet. ” reported ZDNet.

IoT

IoT DDOS InfoSec Internet

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

The botnet borrows the code from Tsunami and Gafgyt botnets, it expanded the list of targeted devices and added new distributed denial of service (DDoS) capabilities. In the first week of May, the experts also spotted a Mirai variant using the same exploit, but this samples don’t contain any DDoS capabilities. Pierluigi Paganini.

IoT

IoT DDOS Authentication Advertising

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities. IoT is a complicated concept.

IoT

IoT Cybersecurity Manufacturing Internet

Dark Nexus, a new IoT botnet that targets a broad range of devices

Security Affairs

APRIL 8, 2020

Cybersecurity researchers discovered a new IoT botnet, tracked as Dark Nexux, that is used to launch distributed denial-of-service (DDoS) attacks. Dark Nexux is the name of a new emerging IoT botnet discovered by Bitdefender that is used to launch DDoS attacks. through 8.6). Pierluigi Paganini.

IoT

IoT DDOS Advertising Architecture

Dutch police shut down bulletproof service hosting tens of DDoS botnets

Security Affairs

OCTOBER 3, 2019

Dutch police seized a bulletproof hosting service in a major takedown, the infrastructure was used by tens of IoT botnets involved in DDoS attacks. The servers were hosted at an unnamed data center in Amsterdam, it was used by tens of IoT botnets involved in DDoS attacks worldwide. ” continues the statement.

DDOS

DDOS IoT Cybercrime Advertising

A few dollars to bring down sites with new Bushido-based DDoS-for-hire service

Security Affairs

OCTOBER 27, 2018

Security researchers at FortiGuard Labs have discovered a new DDoS-for-hire service called “ 0x-booter” built with leaked code that implements an easy to use interface. “ The DDoS-for-hire service allows users to power different attacks, primarily at the Transport and Application layers. ” .

DDOS

DDOS IoT Advertising Hacking

Creator of multiple IoT botnets, including Satori, pleaded guilty

Security Affairs

SEPTEMBER 4, 2019

Kenneth Currin Schuchman (21) from Vancouver, Washington pleaded guilty to creating and operating multiple DDoS IoT botnet , including Satori. Kenneth Currin Schuchman (21) from Vancouver, Washington, aka Nexus Zeta, pleaded guilty to creating and operating multiple DDoS IoT botnets. Pierluigi Paganini.

IoT

IoT DDOS Internet Internet

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

Security experts from Kaspersky have published an interesting report on the new trends in the IoT threat landscape. What is infecting IoT devices and how? The researchers set up a honeypot to collect data on infected IoT devices, the way threat actors infect IoT devices and what families of malware are involved.

IoT

IoT Passwords Malware Advertising

Chalubo, a new IoT botnet emerges in the threat landscape

Security Affairs

OCTOBER 23, 2018

Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. The IoT malware ran only on systems with an x86 architecture. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Malware Architecture

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Do the increased attacks mean the industry is becoming accustomed to IoT cyber attacks? Three IoT Attack Avenues for 2019.

IoT

IoT Manufacturing Internet Internet

The Growing Presence (and Security Risks) of IoT

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

As most of us know, IoT devices are on the rise in enterprise networks. According to McKinsey & Company , the proportion of organizations that use IoT products has grown from 13 percent in 2014 to 25 percent today. The issue is that these tens of billions of new devices will likely amplify the inherent security risks of IoT.

IoT

IoT Risk Energy and Utilities Healthcare

Massive increase in XorDDoS Linux malware in last six months

Malwarebytes

MAY 25, 2022

XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). DDoS attacks have become instrumental in successfully distracting organizations and security experts from figuring out threat actors’ end goal: Malware deployment or system infiltration.

Malware

Malware IoT DDOS DNS

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

SEPTEMBER 10, 2019

A security researcher disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack systems without any user interaction. Kunz and his colleagues were able to brute-force the IoT radio in just 10 minutes and achieve root access with full privileges. . Pierluigi Paganini.

IoT

IoT Hacking Firmware Advertising

Torii botnet, probably the most sophisticated IoT botnet of ever

Security Affairs

SEPTEMBER 29, 2018

Avast spotted a new IoT botnet, tracked as Torii, that appears much more sophisticated and stealth of the numerous Mirai variants previously analyzed. Security researchers spotted a new IoT botnet, tracked as Torii, that appears much more sophisticated and stealth of the numerous Mirai variants previously analyzed. Pierluigi Paganini.

IoT

IoT Architecture Advertising DDOS

M2M protocols can be abused to attack IoT and IIoT systems

Security Affairs

DECEMBER 4, 2018

Security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. attackers abuse M2M protocols to target IoT and IIoT devices. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT

IoT Internet Internet Advertising

Shellbot Botnet Targets IoT devices and Linux servers

Security Affairs

NOVEMBER 5, 2018

“The group distributes the bot by exploiting a common command injection vulnerability on internet of things (IoT) devices and Linux servers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT

IoT Advertising DDOS Malware

The Mystery of Fbot

Security Affairs

JANUARY 21, 2020

This is not the first time Fbot analysis has been published, and also Fbot binaries have been actively infecting the IoT devices since way before 2018. This article explains what we have learned about the Fbot traced back from the year of 2014. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS IoT Malware Advertising

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. A DIRECT QUOT The domain quot[.]pw

Scams

Scams DDOS Cryptocurrency Accountability

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

FEBRUARY 16, 2023

During the second half of 2022, a variant of the Mirai bot, tracked as V3G4, targeted IoT devices by exploiting tens of flaws. Palo Alto Networks Unit 42 researchers reported that a Mirai variant called V3G4 was attempting to exploit several flaws to infect IoT devices from July to December 2022. ” concludes the report.

IoT

IoT DDOS Encryption Malware

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs

JULY 14, 2020

Researchers spotted a new version of the Mirai IoT botnet that includes an exploit for a vulnerability affecting Comtrend routers. Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers.

IoT

IoT Advertising DDOS Authentication

Law enforcement and Microsoft join forces to dismantle botnet using LED Light Control Console

Security Affairs

APRIL 20, 2020

Threat actors used the consoles to deliver malware and ransomware through an IoT botnet that was also used to launch distributed denial-of-service (DDoS) attacks. “One particular IP was associated with dozens of activities related to the distribution of malware, phishing emails, ransomware, and DDoS attacks.”

IoT

IoT DDOS Advertising Malware

The author of the Mirai botnet gets six months of house arrest

Security Affairs

OCTOBER 30, 2018

million in compensation for DDoS attacks against the systems of Rutgers University. million in compensation for DDoS attacks against the systems of Rutgers University. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS Advertising IoT Malware

A new development shows a potential shift to using Mirai to target enterprises

Security Affairs

MARCH 18, 2019

PaloAlto Networks researchers discovered a new variant of the infamous Mirai botnet is targeting IoT devices belonging to businesses. Researchers at PaloAlto Networks spotted a new variant of the infamous Mirai botnet is targeting IoT devices belonging to businesses. SecurityAffairs – Mirai, IoT). Pierluigi Paganini.

IoT

IoT Wireless DDOS Advertising

Fbot re-emerged, the backstage

Security Affairs

FEBRUARY 26, 2020

DDoS criminal ecosystem ” , who had been actively using IoT devices for the DDoS purpose were racing to use Mirai to their better DDoS botnet platforms. However he learned from previous cases too, by improving the evasion technique using the hexstring-push method to drop the loader into the IoT”.

IoT

IoT DDOS Malware Advertising

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected systems, such as routers, IoT devices, and servers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Architecture

Architecture IoT Malware Advertising

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. The botnet targets multiple architectures, including arm, bsd, x64, and x86.

Malware

Malware DDOS IoT Cybercrime

New Miori botnet has a unique protocol for C2 communication

Security Affairs

JULY 12, 2019

The Miori bot targets IoT devices having SSH and Telnet services exposed online and that are poorly secured. The Miori botnet , similarly to other Mirai variants is used to launch DDoS attacks, it supports both TCP and UDP flood attacks. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Encryption Malware

Experts spotted a new Mirai variant that targets new processors

Security Affairs

APRIL 10, 2019

Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive attacks aimed at Internet of Things (IoT) devices. which allows it to attack a wider range of Internet of Things (IoT) devices, Since the code of the Mirai botnet was leaked online many variants emerged in the threat landscape.

Architecture

Architecture DDOS IoT Internet

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

.” The analysis of the bot revealed that it supports seven functions: reverse shell, self-uninstall, gather process’ network information, gather Bot information, execute system commands, run encrypted files specified in URLs, DDoS attack, etc. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS Advertising System Administration DNS

Security Affairs newsletter Round 250

Security Affairs

FEBRUARY 9, 2020

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks. IoT devices at major Manufacturers infected with crypto-miner. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Banking

Banking Advertising Ransomware DDOS

Recently discovered DemonBot Botnet targets Hadoop servers

Security Affairs

OCTOBER 29, 2018

Security experts from Radware have spotted a new botnet dubbed DemonBot that it targeting Hadoop clusters to launch DDoS attacks against third parties. ” Even if the binary is compatible with most known Internet of Things (IoT) devices, the bot was not observed targeting smart objects until now. Pierluigi Paganini.

IoT

IoT Malware Advertising DDOS

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

To perform the experiment, we used Internet of Things (IoT) search engines to search for open devices that utilized common printer ports and protocols. To find out how many printers were on the menu for our experiment, we searched for IP addresses with open ports on specialized IoT search engines, such as Shodan and Censys.

Hacking

Hacking IoT Firmware Internet

Security Affairs newsletter Round 248

Security Affairs

JANUARY 26, 2020

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online. For the second time in a few days, Greek Government websites hit by DDoS attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Advertising Antivirus DDOS

Security Affairs newsletter Round 283

Security Affairs

SEPTEMBER 27, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS?

IoT

IoT Banking Advertising Ransomware

Courts Hand Down Hard Jail Time for DDoS

Hoaxcalls Botnet expands the target list and adds new DDoS capabilities

Trending Sources

Kaiji, a new Linux malware targets IoT devices in the wild

Mozi Botnet is responsible for most of the IoT Traffic

FBI warns cyber actors abusing protocols as new DDoS attack vectors

The Dutch police took down 15 DDoS-for-hire services in a week

Developer of DDoS Mirai based botnets sentenced to prison

New Ttint IoT botnet exploits two zero-days in Tenda routers

New XORDDoS, Kaiji DDoS botnet variants target Docker servers

Enemybot, a new DDoS botnet appears in the threat landscape

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Dark Nexus, a new IoT botnet that targets a broad range of devices

Dutch police shut down bulletproof service hosting tens of DDoS botnets

A few dollars to bring down sites with new Bushido-based DDoS-for-hire service

Creator of multiple IoT botnets, including Satori, pleaded guilty

Evolution of threat landscape for IoT devices – H1 2018

Chalubo, a new IoT botnet emerges in the threat landscape

5 IoT Security Predictions for 2019

The Growing Presence (and Security Risks) of IoT

Massive increase in XorDDoS Linux malware in last six months

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Torii botnet, probably the most sophisticated IoT botnet of ever

M2M protocols can be abused to attack IoT and IIoT systems

Shellbot Botnet Targets IoT devices and Linux servers

The Mystery of Fbot

Interview With a Crypto Scam Investment Spammer

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

New Mirai variant includes exploit for a flaw in Comtrend Routers

Law enforcement and Microsoft join forces to dismantle botnet using LED Light Control Console

The author of the Mirai botnet gets six months of house arrest

A new development shows a potential shift to using Mirai to target enterprises

Fbot re-emerged, the backstage

New HEH botnet wipes devices potentially bricking them

EnemyBot malware adds new exploits to target CMS servers and Android devices

New Miori botnet has a unique protocol for C2 communication

Experts spotted a new Mirai variant that targets new processors

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs newsletter Round 250

Recently discovered DemonBot Botnet targets Hadoop servers

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs newsletter Round 248

Security Affairs newsletter Round 283

Stay Connected