Cyber cops plead for info on elusive Emotet mastermind

May 31, 2024 at 03:27PM Operation Endgame seeks help in capturing “Odd,” a figure behind the notorious Emotet operation, as revealed in a recent briefing. This comes after a series of takedowns and arrests related to major malware activities. The secretive nature of Emotet and the ongoing pursuit of “Odd” signal the persistence of cybercrime …

Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers

May 31, 2024 at 07:36AM Over 600,000 small office/home office (SOHO) routers of a single ISP were disabled by the Chalubo remote access trojan (RAT) in a deliberate event, impacting models from ActionTec and Sagemcom. The incident occurred over 72 hours in late October 2023. Lumen Technologies reported 49% of the impacted routers were offline …

TrickBot and Other Malware Droppers Disrupted by Law Enforcement

May 30, 2024 at 08:30AM Europol announced the successful shutdown of the TrickBot botnet and other malware droppers in an international operation, targeting various criminal activities and arresting cybercriminals. The operation, named Endgame, involved over a dozen countries and resulted in arrests, infrastructure shutdown, asset freezes, and the addition of suspects to Europol’s Most Wanted list. Multiple …

US Sanctions Three Chinese Men for Operating 911 S5 Botnet

May 29, 2024 at 09:54AM The US Treasury Department sanctioned three Chinese individuals and Thailand-based companies for operating the 911 S5 botnet. Wang, the primary administrator, and Liu, responsible for laundering money, were targeted along with companies allegedly linked to Wang. The botnet facilitated cybercrime, proxying internet connections for illegal activities, resulting in the loss …

US govt sanctions cybercrime gang behind massive 911 S5 botnet

May 28, 2024 at 05:06PM The U.S. Treasury Department sanctioned a cybercrime network involving Chinese nationals and Thai companies connected to the “911 S5” botnet, which compromised millions of IP addresses. The network enabled cybercriminals to commit fraud and make bomb threats. Key individuals and entities have been sanctioned, prohibiting transactions and exposing violators to …

US govt sanctions cybercrime gang behind massive 911 S5 botnet

May 28, 2024 at 03:16PM The U.S. Treasury Department sanctioned a cybercrime network involving Chinese individuals and Thai companies operating the “911 S5” botnet. This illegitimate residential proxy service compromised 19 million IP addresses, leading to billions in losses and creating threats. Sanctions were imposed on key individuals and entities, aiming to disrupt cybercriminal activities. …

US govt sanctions cybercrime gang behind massive 911 S5 botnet

May 28, 2024 at 03:08PM The U.S. Treasury Department sanctioned a cybercrime network involving Chinese nationals and Thai companies linked to the “911 S5” botnet, which compromised 19 million IP addresses. The botnet facilitated cybercrimes, including fraudulent applications and bomb threats. Sanctions were imposed on individuals and entities involved, prohibiting transactions with U.S. interests and …

Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique

May 28, 2024 at 06:45AM The CatDDoS botnet has exploited over 80 security flaws in the last three months to infect devices and launch DDoS attacks. It targets routers and networking equipment, mostly affecting devices from various vendors. The malware uses ChaCha20 encryption, employs an OpenNIC domain for C2, and shares an encryption key/nonce pair with other …

Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking

May 17, 2024 at 01:30PM Cloud security firm Aqua recently uncovered the evolving threat of Kinsing, a persistent cryptojacking group utilizing newly disclosed vulnerabilities to expand its botnet. The malware exploits various flaws to enroll systems in crypto-mining, targeting open-source applications and utilizing scripts and binaries to carry out attacks on Linux and Windows systems. …

Ebury botnet malware infected 400,000 Linux servers since 2009

May 14, 2024 at 12:37PM Summary: Ebury, a malware botnet, has infected nearly 400,000 Linux servers since 2009, with around 100,000 still compromised in late 2023. ESET researchers have tracked the financially motivated operation for over a decade, observing updates in its capabilities. Recent tactics involve breaching hosting providers, stealing credentials, exploiting vulnerabilities, and employing …