Tag: botnet

16 attack reports | 0 vulnerabilities

Attack reports

Published: October 4, 2024

Number of indicators: 120

This report examines an infrastructure used to control compromised edge devices transformed into Operational Relay Boxes for laun…

Published: October 1, 2024

Number of indicators: 62

This analysis uncovers a significant infection chain targeting Windows and Linux systems through Oracle WebLogic vulnerabilities.…

Published: September 20, 2024

Number of indicators: 198

A large, multi-tiered botnet called Raptor Train, likely operated by Chinese threat actors Flax Typhoon, has been discovered. Con…

Published: August 8, 2024

Number of indicators: 7

This analysis uncovers the expansion of a significant botnet operation, dubbed Quad7 or 7777 botnet, characterized by its unique …

Published: August 7, 2024

Number of indicators: 64

Trend Micro highlights the dangers of internet-facing routers and elaborates on Pawn Storm's exploitation of EdgeRouters, compleme…

Published: July 23, 2024

Number of indicators: 4

Sekoia.io investigated the mysterious 7777 botnet (aka Quad7 botnet), which compromised TP-Link routers to relay password sprayin…

Published: July 17, 2024

Number of indicators: 7

This report discusses the AndroxGh0st malware, a Python-scripted threat targeting Laravel web applications to steal sensitive dat…

Published: July 5, 2024

Number of indicators: 13

An analysis of a newly discovered botnet named Zergeca, implemented in the Go language, with capabilities for DDoS attacks, proxying,…

Published: July 2, 2024

Number of indicators: 35

QIanxin describes the discovery and analysis of k4spreader, a new malware installer and spreader tool developed by the 8220 minin…

Published: June 14, 2024

Number of indicators: 35

The report provides an in-depth analysis of the notorious Botnet 911 S5, revealing its origins, operations, and digital remnants.…

Published: June 6, 2024

Number of indicators: 24

This report discusses a botnet that has been active since 2019, distributing various malware such as NiceRAT, Nitol, and NanoCore…

Published: June 6, 2024

Number of indicators: 34

This report discusses a case where a CoinMiner threat actor's proxy server, used to access an infected botnet, became the target …

Published: May 13, 2024

Number of indicators: 16

In late April 2024, Proofpoint observed high-volume email campaigns facilitated by the Phorpiex botnet, distributing millions of …

Published: May 10, 2024

Number of indicators: 23

Juniper Threat Labs has observed attempts to exploit Ivanti Pulse Secure authentication bypass and remote code execution vulnerab…

Published: May 3, 2024

Number of indicators: 24

In April 2024, FortiGuard Labs observed a new botnet exploiting a nearly decade-old D-Link vulnerability to take control of devic…