Tag: botnet
16 attack reports | 0 vulnerabilities
Attack reports
Published: October 4, 2024
Number of indicators: 120
This report examines an infrastructure used to control compromised edge devices transformed into Operational Relay Boxes for laun…
Published: October 2, 2024
Number of indicators: 169
PRC-linked cyber actors have compromised thousands of Internet-connected devices to create a botnet for malicious activities. Int…
Published: October 1, 2024
Number of indicators: 62
This analysis uncovers a significant infection chain targeting Windows and Linux systems through Oracle WebLogic vulnerabilities.…
Published: September 20, 2024
Number of indicators: 198
A large, multi-tiered botnet called Raptor Train, likely operated by the Chinese threat actor Flax Typhoon, has been discovered. Con…
Published: August 8, 2024
Number of indicators: 7
This analysis uncovers the expansion of a significant botnet operation, dubbed Quad7 or 7777 botnet, characterized by its unique …
Published: August 7, 2024
Number of indicators: 64
TrendMicro highlights the dangers of internet-facing routers and elaborates on Pawn Storm's exploitation of EdgeRouters, compleme…
Published: July 23, 2024
Number of indicators: 4
Sekoia.io investigated the mysterious 7777 botnet (aka Quad7 botnet), which compromised TP-Link routers to relay password sprayin…
Published: July 17, 2024
Number of indicators: 7
This report discusses the AndroxGh0st malware, a Python-scripted threat targeting Laravel web applications to steal sensitive dat…
Published: July 5, 2024
Number of indicators: 13
An analysis of a newly discovered botnet named Zergeca, implemented in the Go language, with capabilities for DDoS attacks, proxying,…
Published: July 2, 2024
Number of indicators: 35
QiAnXin describes the discovery and analysis of k4spreader, a new malware installer and spreader tool developed by the 8220 minin…
Published: June 14, 2024
Number of indicators: 35
The report provides an in-depth analysis of the notorious Botnet 911 S5, revealing its origins, operations, and digital remnants.…
Published: June 6, 2024
Number of indicators: 24
This report discusses a botnet that has been active since 2019, distributing various malware such as NiceRAT, Nitol, and NanoCore…
Published: June 6, 2024
Number of indicators: 34
This report discusses a case where a CoinMiner threat actor's proxy server, used to access an infected botnet, became the target …
Published: May 13, 2024
Number of indicators: 16
In late April 2024, Proofpoint observed high-volume email campaigns facilitated by the Phorpiex botnet, distributing millions of …
Published: May 10, 2024
Number of indicators: 23
Juniper Threat Labs has observed attempts to exploit Ivanti Pulse Secure authentication bypass and remote code execution vulnerab…