Bleeping Computer

Updated Miori Botnet C2 Server Tells Researchers to F*** Off

A new version of the Miori botnet added protection to the login panel of its command and control server, hanging a "not welcome" message for connections likely coming from a security researcher. Until ...
Security Boulevard

RondoDox Botnet Operators Set React2Shell Flaw in Their Sights

The operators behind the highly adaptable RondoDox botnet campaign that kicked off in late March have proven to be ready to embrace the latest attack trends. Most recently, in December they began ...
Bleeping Computer

New PurpleFox botnet variant uses WebSockets for C2 communication

The PurpleFox botnet has refreshed its arsenal with new vulnerability exploits and dropped payloads, now also leveraging WebSockets for C2 bidirectional communication. Although it's mainly based in ...
Threat Post

Necurs Botnet Evolves to Hide in the Shadows, with New Payloads

Using an on-again, off-again strategy of C2 communication helps it hide from researchers. Necurs, the prolific and globally dispersed spam and malware distribution botnet, has been spotted using a ...
The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...

A massive new DDoS botnet has already snared 1.8 million devices - here's what we know about Kimwolf

QiAnXin XLab published a new report on Kimwolf, an Android-based botnet that primarily targets TVs, set-top boxes, and tablets. At the moment, it infected roughly 1.8 million devices, mostly in Brazil ...
Gizmodo

How Cybercriminals Are Using Bitcoin’s Blockchain to Make Botnets Stronger Than Ever

Last week, Google announced that it had partially disrupted the operations of a massive botnet—a gargantuan network of over one million malware-infected Windows computers. In the world of ...
techtimes

SOHO Router-Targeting Botnet AVrecon Infiltrates More Than 70,000 Devices in 20 Countries: How Dangerous Is This Malware Strain?

A stealthy Linux malware called AVrecon has been infecting over 70,000 small office/home office (SOHO) routers, creating a botnet primarily aimed at stealing bandwidth and operating as a hidden ...
Threat Post

Unique P2P Architecture Gives DDG Botnet ‘Unstoppable’ Status

DDG might be the world’s first P2P-based cryptomining botnet. The coin-mining botnet known as DDG has seen a flurry of activity since the beginning of the year, releasing 16 different updates over the ...
ZDNet

This botnet is abusing Bitcoin blockchains to stay in the shadows

A botnet used for illicit cryptocurrency mining activities is abusing Bitcoin (BTC) transactions to stay under the radar. According to new research published by Akamai on Tuesday, the technique is ...
ZDNet

Bizarre botnet infects your PC to scrub away cryptocurrency mining malware

Good guy vigilante, or error in coding? A strange botnet has appeared on the scene which instead of infecting devices in order to enslave them, appears to be actually ...