‘P2PInfect’ Worm Grows Teeth With Miner, Ransomware & Rootkit

June 25, 2024 at 06:03AM The innocuous Linux botnet, “P2PInfect,” has transformed into a potent threat, incorporating a rootkit, cryptominer, and ransomware. Its propagation method exploits the Redis database application, primarily impacting East Asia. Organizations worldwide, utilizing Redis, are advised to enhance server protection measures against this evolving malware. Detecting its artifacts such as high … Read more

TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

March 29, 2024 at 09:09AM In March 2024, a dormant botnet, TheMoon, was found controlling EoL routers and IoT devices to power a criminal proxy service named Faceless. The service allows malicious activities to remain anonymous and has been used by threats like SolarMarker and IcedID to connect to their C2 servers. The majority of … Read more