Unpatched Microsoft Exchange servers are being targeted by the Prometei botnet and added to its operators’ army of Monero (XMR) cryptocurrency mining bots. This modular malware can infect both Windows and Linux systems, and it was first spotted last year while using the EternalBlue exploit to spread across compromised networks and enslave vulnerable Windows computers.
Posts Tagged: Botnet
A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers. Early last month, researchers from Juniper Threat Labs documented a crypto-mining campaign called “Gitpaste-12,” which used GitHub to host malicious code containing as…
A new cryptojacking botnet is spreading across compromised networks via multiple methods that include the EternalBlue exploit for Windows Server Message Block (SMB) communication protocol. The attacker’s goal is to mine for Monero (XMR) cryptocurrency and enslave as many systems as possible for this task for increased profit.

Complex campaign

Researchers at Cisco Talos named…
Researchers tracking the Emotet botnet noticed that the malware started to push the QakBot banking trojan at an unusually high rate, replacing the longtime TrickBot payload. Last week, Emotet came back to life after a break of more than five months. Starting yesterday, the malspam operation briefly began installing TrickBot on compromised Windows systems again. Things changed today when researchers…
Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage ‘distributed denial-of-service’ attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services. The botnet, named “dark_nexus” by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as routers (from Dasan Zhone, Dlink, and ASUS),…