TheMoon malware infects 6,000 ASUS routers in 72 hours for proxy service

March 26, 2024 at 11:05AM A new variant of “TheMoon” malware botnet has infected thousands of outdated SOHO routers and IoT devices in 88 countries. Linked to the “Faceless” proxy service, it’s utilized by cybercriminals to anonymize their activities. Black Lotus Labs observed it targeting over 6,000 ASUS routers in less than 72 hours. Common …

Feds dismantle Russia’s GRU botnet built on 1,000-plus home, small biz routers

February 15, 2024 at 04:19PM The US government recently thwarted a botnet utilized by Russia’s GRU military intelligence unit for cyber espionage. Over a thousand compromised routers were neutralized, hindering the use of Moobot malware for data theft and network attacks. The FBI and Justice Department played pivotal roles in dismantling the cyber tools, aiming …

FBI Dismantles Ubiquiti Router Botnet Controlled by Russian Cyberspies

February 15, 2024 at 02:45PM The US government has neutralized a Russian cyber espionage platform by disrupting a botnet of hundreds of Ubiquiti Edge OS routers controlled by the APT28 group. The routers were initially infected with ‘Moobot’ malware by cybercriminals and subsequently hijacked by the Russian group. The operation involved deleting stolen data and …

FBI disrupts Moobot botnet used by Russian military hackers

February 15, 2024 at 01:07PM The FBI dismantled a botnet of SOHO routers used by Russia’s GRU for cyberattacks on the US and allies. GRU repurposed the botnet using Moobot malware, possibly originating from cybercriminals. FBI remotely accessed and wiped the malware, blocking GRU access. APT28, known for previous cyber-attacks, was identified. This marks the …

Canon Patches 7 Critical Vulnerabilities in Small Office Printers

February 6, 2024 at 09:00AM Canon announced software updates to patch seven critical vulnerabilities impacting small office printer models. These buffer overflow bugs can be exploited for remote code execution or to cause unresponsiveness. The flaws, with a CVSS score of 9.8, affect various printer components and specific models globally. Customers are advised to install …

FBI confirms it issued remote kill command to blow out Volt Typhoon’s botnet

January 31, 2024 at 02:27PM China’s Volt Typhoon cyber attackers utilized outdated Cisco and NetGear routers infected with malware to target US critical infrastructure facilities. The FBI intercepted the attack, harvested key data, then wiped the KV Botnet. FBI Director Christopher Wray warned of China targeting US communications, energy, transportation, and water sectors. Law enforcement …

Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks

November 23, 2023 at 05:54AM An active malware campaign is using two zero-day vulnerabilities to create a Mirai-based DDoS botnet by targeting routers and network video recorders. Akamai has discovered the attacks and identified the malware variants involved. The flaws are being kept under wraps to allow vendors to patch them. The attacks utilize offensive …