Botnet

bitdefender.com

Tens of thousands of Android devices are leaving their debug port exposed

Countless Android devices are leaving themselves open to attack after being shipped with a critical port left unsecured.

Read more in my article on the Hot for Security blog.

Smashing Security podcast #081: Hacker no-hopers, Wessex Water has a word, and we win an award

The ‘mastermind’ behind the Owari botnet doesn’t seem to have learnt anything from his victims, someone at Wessex Water forgets to remove an embarrassing sentence from a letter sent to customers, and we’re officially the best security podcast!

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, with cameo appearances by John Hawes, John Leyden, Paul Ducklin, and Mikko Hyppönen.

tripwire.com

VPNFilter botnet has hacked 500,000 routers. Reboot and patch now!

At least half a million routers and storage devices in dozens of countries around the world have been infected by a sophisticated botnet, in preparation for an alleged planned cyber attack on Ukraine.

Read more in my article on the Tripwire State of Security blog.

tripwire.com

Smominru! Half a million PCs hit by cryptomining botnet

Why go to all the bother of writing ransomware that demands victims pay a Bitcoin ransom? If all you want is cryptocurrency, why not use the infected computers to mine the crypto coins themselves?

Read more in my article on the Tripwire State of Security blog.

bitdefender.com

Jail for man who launched DDoS attacks against Skype, Google, and Pokemon Go

A British man has been sentenced to two years in jail after admitting to a series of computer crime offences, which included over 100 attempts to knock the likes of Google, Skype and Nintendo’s popular video game Pokemon Go offline.

Read more in my article on the Hot for Security blog.

tripwire.com

The Mirai botnet: three men plead guilty after weaponizing the Internet of Things

The Mirai botnet launched an attack on the internet, the scale of which had never been seen before.

And now some of its perpetrators have admitted their criminal involvement.

Read more in my article on the Tripwire State of Security blog.

bitdefender.com

Satori botnet rears its head, exploiting IoT vulnerabilities

A new IoT botnet has quietly hijacked more than 100,000 routers, readying them for paralysing distributed denial-of-service attacks against websites.

Read more in my article on the Bitdefender BOX blog.

bitdefender.com

Reaper IoT botnet could be more devastating than Mirai

Think the Mirai botnet which launched a DDoS attack that knocked major websites offline last year was bad?

It’s possible that you ain’t seen nothing yet.

Read more in my article on the Bitdefender Box blog.

welivesecurity.com

Spammed-out emails threaten websites with DDoS attack on September 30th

Websites are being told that they have until September 30th to pay extortionists $720 worth of Bitcoin, or else suffer a distributed denial-of-service (DDoS) attack.

Read more in my article on the We Live Security blog.

Budding malware author uses same Skype ID across job applications and IoT botnet ads

A young malware developer is using the same Skype ID for applying to jobs and advertising their Internet of Things (IoT) botnet.

David Bisson reports.

welivesecurity.com

Spiderman pleads guilty to knocking 900,000 German broadband routers offline

It seems that Spiderman is in a spot of trouble, tangled in a web of his own making.

Read more in my article on the We Live Security blog.

South Korean banks told to pay $315,000 or suffer DDoS wrath

Online extortionists have threatened to launch distributed denial-of-service (DDoS) attacks against seven South Korean banks unless each victim pays up US $315,000 in ransom.

David Bisson reports.

Universal Plug ‘n’ Pwn! Pinkslipbot malware exploits UPnP to help it steal credentials

A variant of Pinkslipbot is the first known malware to conduct attack campaigns using infected machines as HTTPS-based control servers. Have you disabled UPnP?

David Bisson reports.

Cryptocurrency-mining malware has been using WannaCry’s NSA exploit for weeks

A cryptocurrency-mining malware began exploiting a leaked NSA vulnerability several weeks before WannaCry sank its teeth into it.

David Bisson reports.

tripwire.com

Persirai IoT botnet threatens to hijack over 120,000 IP cameras

Internet-connected cameras around the world are once again being hijacked by malicious hackers in order to carry out distributed denial-of-service (DDoS) attacks.

Read more in my article on the Tripwire State of Security blog.

tripwire.com

ISP brought down by warring malware families

A battle between two rival families of malware is being blamed for the downtime that a Californian ISP suffered earlier this month.

Read more in my article on the Tripwire State of Security blog.