As anyone who regularly games online can attest, DDoS (distributed denial of service) attacks are an irritatingly common occurrence on the internet. Drawing on the combined digital might of a geographically diffuse legion of zombified PCs, hackers can swamp game servers and prevent players from logging on for hours or days at a time. The problem has metastasized in recent years as enterprising hackers have begun to package their botnets and spamming tools into commercial offerings, allowing any
botnet (12)
Palo Alto Networks’ Unit 42 researchers have reported the emergence of a new Mirai botnet variant called MooBot. This variant is looking for unpatched D-Link devices to create its army of DDoS (distributed denial of service) bots. MooBot uses multiple exploits to compromise vulnerable D-Link routers.
Re-Emergence of Notorious MooBot: The MooBot botnet was first discovered by Qihoo 360’s Netlab in Sep 2019, whereas the most recent wave of attacks involving MooBot, before the one detected b
For the past month, a crimeware (crypto-mining) group infamously known as the 8220 Gang has expanded their botnet to roughly 30,000 global hosts through the use of Linux and common cloud application vulnerabilities and poorly secured configurations. In a recent campaign, the group was observed making use of a new version of the IRC botnet, PwnRig cryptocurrency miner, and its generic infection script.
Link to full report, with IOCs: IR-22-208-001_8220Gang.pdf
Valyria malware is a trojan distributed by phishing email attacks seemingly targeting business emails, commonly using the words “Invoice,” “Order,” or “Report” in the subject line.
Among these emails, there is a strong resurgence of tactics, techniques, and procedures (TTPs) previously known to be employed by the Gorgon Group with the MasterMana Botnet.
Link to full technical report: TIR-21-224-001_Val.pdf
Purple Fox is the name of a malware downloader, a malicious program that proliferates other programs of this type. This malware is used to infect systems with cryptocurrency mining programs. Purple Fox can cause serious damage and must be uninstalled immediately. An example of malware that could be installed through Purple Fox is ransomware. These programs encrypt files and prevent victims from accessing them unless ransoms are paid or confidential information is disclosed and offered for sa
In late January, a new botnet campaign was discovered targeting unpatched software running on Linux devices with recent code execution CVEs. Once a device is compromised, the bot downloads and executes a malicious Python script that joins the compromised device to the botnet. The botnet is controlled by attackers using Internet Relay Chat (IRC) and enables the attackers to perform DDoS attacks and run crypto miner software on infected devices. Updates are available to patch all CVEs exploited
The IoTReaper, a.k.a. IoTroop, botnet was discovered in 2017, and remains a significant threat to the cyber domain. Check Point Research completed a thorough investigation of the malware when it was discovered in 2017, but researchers have still seen no sign that the botnet has been activated to conduct a significant DDoS attack, similar to that seen against Dyn in 2016. In 2016, a DDoS attack coming from the Mirai botnet triggered a shutdown of services across the country and analysts believe
Mirai is a self-propagating malware that infects networked devices and turns them into remotely controlled bots. Targets include devices in the Internet of Things (IoT), such as IP cameras and home routers, and access is achieved either with software exploits or via authentication with factory default credentials. Mirai is frequently updated to include new exploits, making it difficult to mitigate.
This report provides cluster trending on infrastructure over the past several weeks from this repor
2019 Cyber Security Threat and Vulnerability Predictions
This report outlines our predictions regarding cyber threats and vulnerabilities for 2019. We base those on the trends Wapack Labs were observing during 2018. The main topics are artificial intelligence, IoT and mobile, cryptocurrency cybercrime, APT activity, and eCommerce targeting.
- Smarter Computing: Swarm, AI and Quantum
Quantum Computing
IBM-Q allows access to its quantum computer for research and testing. Quantum computing will revolut