New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign

Trend Micro found a new modular fileless botnet malware, which we named “Novter,” (also reported and known as “Nodersok” and “Divergent”) that the KovCoreG campaign has been distributing since March. We’ve been actively monitoring this threat since its emergence and Read More …

Smominru Botnet Indiscriminately Hacked Over 90,000 Computers Just Last Month

Insecure Internet-connected devices have aided different types of cybercrime for years, most common being DDoS and spam campaigns. But cybercriminals have now shifted toward a profitable scheme where botnets do not just launch DDoS or spam—they mine cryptocurrencies as well. Read More …

A botnet has been cannibalizing other hackers’ web shells for more than a year

A major botnet operation has been attacking and taking over the web shells (backdoors on web servers) of other malware operations for more than a year, security researchers from Positive Technologies revealed today. Researchers linked the botnet to a former Read More …

Back-to-Back Campaigns: Neko, Mirai, and Bashlite Malware Variants Use Various Exploits to Target Several Routers, Devices

Within a span of three weeks, our telemetry uncovered three notable malware variants of Neko, Mirai, and Bashlite. On July 22, 2019, we saw and started analyzing a Neko botnet sample, then observed another sample with additional exploits the following Read More …

Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’

Elasticsearch is no stranger to cybercriminal abuse given its popularity and use to organizations. In fact, this year’s first quarter saw a surge of attacks — whether by exploiting vulnerabilities or taking advantage of security gaps — leveled against Elasticsearch servers. These attacks mostly deliveredcryptocurrency-mining malware, as in the Read More …