IoT Security | Botnet of 190,000 BadBox-Infected Android Devices Discovered | Bitsight has discovered a BadBox botnet consisting of over 190,000 Android devices, mainly Yandex smart TVs and Hisense smartphones. | Ionut Arghire, December 20, 2024
Malware & Threats | Juniper Warns of Mirai Botnet Targeting Session Smart Routers | Juniper Networks says a Mirai botnet is ensnaring session smart router devices that are using default passwords. | Ionut Arghire, December 19, 2024
Cybercrime | Threat Actor Turns Thousands of IoT Devices Into Residential Proxies | A threat actor tracked as Water Barghest has compromised over 20,000 IoT devices and monetizes them as residential proxies. | Ionut Arghire, November 19, 2024
Malware & Threats | Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day | A zero-day vulnerability affecting five discontinued GeoVision product models has been exploited by a botnet. | Ionut Arghire, November 18, 2024
Nation-State | China’s Volt Typhoon Rebuilding Botnet | Security researchers say the botnet created by China’s Volt Typhoon re-emerged recently, leveraging the same core infrastructure and techniques. | Eduard Kovacs, November 13, 2024
Nation-State | US Disrupts ‘Raptor Train’ Botnet of Chinese APT Flax Typhoon | The US government has announced the disruption of Raptor Train, a Flax Typhoon botnet powered by hacked consumer devices. | Eduard Kovacs, September 19, 2024
Malware & Threats | Chinese Spies Built Massive Botnet of IoT Devices to Target US, Taiwan Military | Black Lotus Labs estimates that more than 200,000 routers, network-attached storage servers, and IP cameras have been ensnared in the botnet. | Ryan Naraine, September 18, 2024
Malware & Threats | Recent Zyxel NAS Vulnerability Exploited by Botnet | A Mirai-like botnet has started exploiting a critical-severity vulnerability in discontinued Zyxel NAS products. | Ionut Arghire, June 25, 2024
Malware & Threats | Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers | Over 600,000 SOHO routers belonging to a single ISP and infected with the Chalubo trojan were rendered inoperable. | Ionut Arghire, May 31, 2024
Malware & Threats | Massive 911 S5 Botnet Dismantled, Chinese Mastermind Arrested | The US announced that the 911 S5 (Cloud Router) botnet, likely the world’s largest, has been dismantled and its administrator arrested. | Eduard Kovacs, May 30, 2024
Cybercrime | US Sanctions Three Chinese Men for Operating 911 S5 Botnet | The US government has announced sanctions against three Chinese nationals accused of creating and operating the 911 S5 proxy botnet. | Eduard Kovacs, May 29, 2024
Malware & Threats | 400,000 Linux Servers Hit by Ebury Botnet | The Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected. | Ionut Arghire, May 15, 2024