Tag Archives: botnets

Botnet of more than 17 million devices dismantled

Authorities in the Netherlands said they dismantled a botnet that comprised more than 17 million devices and was managed by 200 servers in a joint operation by the police and the National Cyber Security Center. The action, announced Thursday, came about after a security researcher reported the sprawling network to authorities. The host infrastructure was…

14,000 routers are infected by malware that’s highly resistant to takedowns

Researchers say they have uncovered a takedown-resistant botnet of 14,000 routers and other network devices—primarily made by Asus—that have been conscripted into a proxy network that anonymously carries traffic used for cybercrime. The malware—dubbed KadNap—takes hold by exploiting vulnerabilities that have gone unpatched by their owners, Chris Formosa, a researcher at security firm Lumen’s Black…

Massive botnet that appeared overnight is delivering record-size DDoSes

A newly discovered network botnet comprising an estimated 30,000 webcams and video recorders—with the largest concentration in the US—has been delivering what is likely to be the biggest denial-of-service attack ever seen, a security researcher inside Nokia said. The botnet, tracked under the name Eleven11bot, first came to light in late February when researchers inside Nokia’s…

Thousands of hacked TP-Link routers used in years-long account takeover attacks

Hackers working on behalf of the Chinese government are using a botnet of thousands of routers, cameras, and other Internet-connected devices to perform highly evasive password spray attacks against users of Microsoft’s Azure cloud service, the company warned Thursday. The malicious network, made up almost entirely of TP-Link routers, was first documented in October 2023…

US sanctions operators of “free VPN” that routed crime traffic through user PCs

The US Treasury Department has sanctioned three Chinese nationals for their involvement in a VPN-powered botnet with more than 19 million residential IP addresses they rented out to cybercriminals to obfuscate their illegal activities, including COVID-19 aid scams and bomb threats. The criminal enterprise, the Treasury Department said Tuesday, was…

Hacker free-for-all fights for control of home and office routers everywhere

Cybercriminals and spies working for nation-states are surreptitiously coexisting inside the same compromised name-brand routers as they use the devices to disguise attacks motivated both by financial gain and strategic espionage, researchers said. In some cases, the coexistence is peaceful, as financially motivated hackers provide spies with access to already compromised routers…

Thousands of phones and routers swept into proxy service, unbeknownst to users

Crooks are working overtime to anonymize their illicit online activities using thousands of devices of unsuspecting users, as evidenced by two unrelated reports published Tuesday. The first, from security firm Lumen Labs, reports that roughly 40,000 home and office routers have been drafted into a criminal enterprise that anonymizes illicit…

Attack wrangles thousands of web users into a password-cracking botnet

Attackers have transformed hundreds of hacked sites running WordPress software into command-and-control servers that force visitors’ browsers to perform password-cracking attacks. A web search for the JavaScript that performs the attack showed it was hosted on 708 sites at the time this post went live on Ars, up from 500…

Linux devices are under attack by a never-before-seen worm

For the past year, previously unknown self-replicating malware has been compromising Linux devices around the world and installing cryptomining malware that takes unusual steps to conceal its inner workings, researchers said. The worm is a customized version of Mirai, the botnet malware that infects Linux-based servers, routers, Web cameras, and…

Microsoft discovers Windows/Linux botnet used in DDoS attacks

Microsoft researchers have discovered a hybrid Windows-Linux botnet that uses a highly efficient technique to take down Minecraft servers and performs distributed denial-of-service attacks on other platforms. Dubbed MCCrash, the botnet infects Windows machines and devices running various distributions of Linux for use in DDoS…