Q4 2021 saw the appearance of several new DDoS botnets.

A zombie network, named Abcbot by researchers, first hit the radar in July, but at the time it was little more than a simple scanner attacking Linux systems by brute-forcing weak passwords and exploiting known vulnerabilities. In October, the botnet was upgraded with DDoS functionality. Then in December, researchers at Cado Security linked the botnet to the Xanthe cryptojacking group. This is further evidence that the same botnets are often used for mining and DDoS.

The EwDoor botnet, which first came to researchers’ attention in late October, turned out to be more picky than Abcbot. This zombie network consists solely of EdgeMarc Enterprise Session Border Controller devices located on AT&T carrier networks. The bot infiltrated the devices through the CVE-2017-6079 vulnerability, which allows execution of arbitrary commands. By exploiting a bug in the bot itself (one of the first versions accessed a non-existent C2 server registered by researchers), Netlab 360 managed to detect 5,700 infected devices. However, the cybercriminals later severed communication with this server. AT&T is investigating attacks on EdgeMarc devices.

In November, Qrator Labs recorded a series of short but powerful attacks on its systems and those of its clients.