Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale

June 11, 2024 at 10:51AM Cybersecurity researchers have unveiled the activities of a Chinese threat actor called SecShow, targeting open DNS resolvers globally, potentially for malicious purposes. Meanwhile, a financially-motivated threat actor advertises a botnet service, Rebirth, targeting game servers for DDoS attacks. This reflects an increasing trend of cyber threats targeting gaming communities for …

Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet

June 3, 2024 at 10:25AM Law enforcement authorities are seeking information on an individual known as Odd, suspected to be the mastermind behind the Emotet malware. The cybercriminal has operated under various aliases and may be collaborating with others. Recent efforts have led to arrests and takedowns of servers associated with malware operations, intensifying the …

Cyber cops plead for info on elusive Emotet mastermind

May 31, 2024 at 03:27PM Operation Endgame seeks help in capturing “Odd,” a figure behind the notorious Emotet operation, as revealed in a recent briefing. This comes after a series of takedowns and arrests related to major malware activities. The secretive nature of Emotet and the ongoing pursuit of “Odd” signal the persistence of cybercrime …

Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers

May 31, 2024 at 07:36AM Over 600,000 small office/home office (SOHO) routers of a single ISP were disabled by the Chalubo remote access trojan (RAT) in a deliberate event, impacting models from ActionTec and Sagemcom. The incident occurred over 72 hours in late October 2023. Lumen Technologies reported 49% of the impacted routers were offline …

TrickBot and Other Malware Droppers Disrupted by Law Enforcement

May 30, 2024 at 08:30AM Europol announced the successful shutdown of the TrickBot botnet and other malware droppers in an international operation, targeting various criminal activities and arresting cybercriminals. The operation, named Endgame, involved over a dozen countries and resulted in arrests, infrastructure shutdown, asset freezes, and the addition of suspects to Europol’s Most Wanted list. Multiple …

US Sanctions Three Chinese Men for Operating 911 S5 Botnet

May 29, 2024 at 09:54AM The US Treasury Department sanctioned three Chinese individuals and Thailand-based companies for operating the 911 S5 botnet. Wang, the primary administrator, and Liu, responsible for laundering money, were targeted along with companies allegedly linked to Wang. The botnet facilitated cybercrime, proxying internet connections for illegal activities, resulting in the loss …

US govt sanctions cybercrime gang behind massive 911 S5 botnet

May 28, 2024 at 05:06PM The U.S. Treasury Department sanctioned a cybercrime network involving Chinese nationals and Thai companies connected to the “911 S5” botnet, which compromised millions of IP addresses. The network enabled cybercriminals to commit fraud and make bomb threats. Key individuals and entities have been sanctioned, prohibiting transactions and exposing violators to …

US govt sanctions cybercrime gang behind massive 911 S5 botnet

May 28, 2024 at 03:16PM The U.S. Treasury Department sanctioned a cybercrime network involving Chinese individuals and Thai companies operating the “911 S5” botnet. This illegitimate residential proxy service compromised 19 million IP addresses, leading to billions in losses and creating threats. Sanctions were imposed on key individuals and entities, aiming to disrupt cybercriminal activities. …

US govt sanctions cybercrime gang behind massive 911 S5 botnet

May 28, 2024 at 03:08PM The U.S. Treasury Department sanctioned a cybercrime network involving Chinese nationals and Thai companies linked to the “911 S5” botnet, which compromised 19 million IP addresses. The botnet facilitated cybercrimes, including fraudulent applications and bomb threats. Sanctions were imposed on individuals and entities involved, prohibiting transactions with U.S. interests and …

Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique

May 28, 2024 at 06:45AM The CatDDoS botnet has exploited over 80 security flaws in the last three months to infect devices and launch DDoS attacks. It targets routers and networking equipment, mostly affecting devices from various vendors. The malware uses ChaCha20 encryption, employs an OpenNIC domain for C2, and shares encryption key/nonce pair with other …