Microsoft Says It Took Down 94% of TrickBot’s Command and Control Servers

TrickBot survived an initial takedown attempt, but Microsoft and its partners are countering TrickBot operators after every move, taking down any new infrastructure the group is attempting to bring up online. From a report: Last week, a coalition of cyber-security firms led by Microsoft orchestrated a global takedown against TrickBot, one of today’s largest malware botnets and cybercrime operations. Even if…

A New Botnet Is Covertly Targeting Millions of Servers

An anonymous reader quotes a report from Wired: FritzFrog has been used to try and infiltrate government agencies, banks, telecom companies, and universities across the US and Europe. Researchers have found what they believe is a previously undiscovered botnet that uses unusually advanced measures to covertly target millions of servers around the world. The botnet uses proprietary software written from scratch…

Hackers Could Use IoT Botnets To Manipulate Energy Markets

An anonymous reader quotes a report from Wired: At the Black Hat security conference on Wednesday, [researchers at the Georgia Institute of Technology] will present their findings, which suggest that high-wattage IoT botnets — made up of power-guzzling devices like air conditioners, car chargers, and smart thermostats — could be deployed strategically to increase demand at certain times in any of…

Microsoft Orchestrates Coordinated Takedown of Necurs Botnet

Microsoft announced today a coordinated takedown of Necurs, one of the largest spam and malware botnets known to date, believed to have infected more than nine million computers worldwide. From a report: The takedown effort came after Microsoft and industry partners broke the Necurs DGA — the botnet’s domain generation algorithm, the component that generates random domain names. Necurs authors register…

Telnet Passwords Leaked For More Than 500,000 Servers, Routers, and IoT Devices

ZDNet is reporting on a security breach leaking “a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) ‘smart’ devices.”
The list, which was published on a popular hacking forum, includes each device’s IP address, along with a username and password for the Telnet service, a remote access protocol that can be used to…

Dutch Police Take Down Hornets’ Nest of DDoS Botnets

Dutch police have taken down this week a bulletproof hosting provider that has sheltered tens of IoT botnets that have been responsible for hundreds of thousands of DDoS attacks around the world, ZDNet reports. From the report: Servers were seized, and two men were arrested yesterday at the offices of KV Solutions BV (KV hereinafter), a so-called bulletproof hosting provider, a…

Exposed RDP Servers See 150K Brute-Force Attempts Per Week

Slashdot reader Cameyo shares a report from TechRepublic: Remote Desktop Protocol (RDP) is — to the frustration of security professionals — both remarkably insecure and indispensable in enterprise computing. The September 2019 Patch Tuesday round closed two remote code execution bugs in RDP, while the high-profile BlueKeep and DejaBlue vulnerabilities from earlier this year have sent IT professionals in a patching…

Large ‘GoldBrute’ RDP Botnet Hunts For Exposed Servers With Weak Passwords

The Internet Storm Center reports:
RDP, the remote desktop protocol, made the news recently after Microsoft patched a critical remote code execution vulnerability (CVE-2019-0708). While the reporting around this “BlueKeep” vulnerability focused on patching vulnerable servers, exposing RDP to the Internet has never been a good idea. Botnets have been scanning for these servers and are using weak and reused passwords to…