11 May 2021

Lemon Duck Cryptojacking Botnet Changes Up Tactics

The Lemon Duck cryptocurrency mining botnet has adapted its tactics, now targeting Microsoft Exchange servers via ProxyLogon in a new campaign against North American targets. The botnet is leveraging the ProxyLogon exploits to conduct effective attacks while incorporating new techniques such as anti-detection capabilities and the addition of the Cobalt

Read More
26 Apr 2021

This software update is deleting botnet malware from infected PCs around the world

A new update designed by law enforcement has begun the process of removing the Emotet botnet across the world, ridding nearly 1.6 million infected computers of the malware. Law enforcement agencies in the US, Canada, and Europe coordinated a takedown of Emotet infrastructure in January of this year, seeking to

Read More
28 Jan 2021

Cops Disrupt Emotet, the Internet’s ‘Most Dangerous Malware’

Emotet, one of the world’s more notorious botnets in the world, has been wrecking chaos all over the internet for half a decade. However, a massive global police investigation has allegedly resulted in Emotet’s takedown and the arrest of multiple operators and members of the criminal operation behind the botnet.

Read More
23 Oct 2020

Botnet Infects Hundreds of Thousands of Websites

A botnet called KashmirBlack has been infecting thousands of websites running on content management systems such as WordPress, Joomla, and Drupal. The botnet uses Dropbox and GitHub to avoid detection and is focused on spamming and defacing hundreds of thousands of websites.  Security firm Imperva was the first to report

Read More
14 Oct 2020

Lemon Duck Cryptocurrency-Mining Botnet Activity Spikes

Researchers have been monitoring a spike in the cryptocurrency mining botnet Lemon Duck, occurring since this August. The Lemon Duck botnet is a complex mining botnet that has the capability to tap into victims’ computer resources and mine the Monero virtual currency. Researchers warn that although the botnet has been

Read More
13 Oct 2020

Security Firms & Financial Group Team Up to Take Down Trickbot

Several security firms, including ESET, Black Lotus Labs, and Symantec have teamed up with Microsoft and the financial services industry to combat the use of Trickbot through eliminating the ransomware’s C2 infrastructure. The notorious Trickbot ransomware has infected more than a million computing devices to date, according to a statement

Read More
21 Aug 2020

Sophisticated Peer-to-Peer Botnet Discovered

A relatively recent peer-to-peer botnet has just been discovered by researchers. The botnet has been actively breaching Secure Shell servers since at least January and has been named FritzFrog. The botnet utilizes a worm malware that is multi-threaded, file-less, and leaves no signs of infection on the disks of targeted

Read More
09 Apr 2020

New IoT botnet launches stealthy DDoS attacks, spreads malware

A new botnet is reportedly actively targeting IoT devices through the use of payloads compiled for a dozen CPUs. The botnet uses these payloads to launch different types of DDoS attacks and spread malware. The botnet has been named the Dark Nexus by researchers at Bitdefender after they discovered it

Read More
03 Feb 2020

Coronavirus Campaigns Spread Emotet, Malware

Hackers are capitalizing on the public fear of the coronavirus, using headlines related to the global health emergency to spread malicious files, including the notorious Emotet malware. The botnet driven emails are using the coronavirus as a theme to target populations, luring victims into clicking on bad links. The emails

Read More
05 Dec 2019

The Great Cannon DDoS Tool Used Against Hong Kong Protestors’ Forum

The Great Cannon Distributed Denial of Service (DDoS0 tool was deployed against the LIHKG platform used by Hong Kong protesters to coordinate. The Great Cannon is a tool that hijacks traffic between IP addressed, resulting in the ability to replace unencrypted content using man-in-the-middle techniques. The Great Cannon is currently

Read More