The Hacker News - Cybersecurity News and Analysis: botnet malware

US Warns of 'DeltaCharlie' – A North Korean DDoS Botnet Malware

June 14, 2017 | Swati Khandelwal
The United States government has released a rare alert about an ongoing, eight-year-long North Korean state-sponsored hacking operation. The joint report from the FBI and U.S. Department of Homeland Security (DHS) provided details on "DeltaCharlie," a malware variant used by the "Hidden Cobra" hacking group to infect hundreds of thousands of computers globally as part of its DDoS botnet network. According to the report, the Hidden Cobra group of hackers is believed to be backed by the North Korean government and is known to launch cyber attacks against global institutions, including media organizations, aerospace and financial sectors, and critical infrastructure. While the US government has labeled the North Korean hacking group Hidden Cobra, it is often known as Lazarus Group and Guardians of Peace – the one allegedly linked to the devastating WannaCry ransomware menace that shut down hospitals and businesses worldwide. DeltaCharlie – DDoS Botnet M

U.S. Takes Down Kelihos Botnet After Its Russian Operator Arrested in Spain

April 11, 2017 | Mohit Kumar
A Russian computer hacker arrested over the weekend in Barcelona was apparently detained for his role in a massive computer botnet, and not for last year's US presidential election hack as reported by the Russian media. Peter Yuryevich Levashov, a 32-year-old Russian computer programmer, is suspected of operating the Kelihos botnet — a global network of over 100,000 infected computers that was used to deliver spam, steal login passwords, and infect computers with ransomware and other types of malware since approximately 2010, the U.S. Justice Department announced Monday. As suspected earlier, Levashov, also known as Peter Severa, is the same man who has also been listed in the World's Top 10 Worst Spammers maintained by anti-spam group Spamhaus, which has given him the 7th position in the list. The arrest was made possible after the FBI learned just last month that Levashov was traveling with his family to Spain from his home in Russia, a country without any extraditi

Warning! CCTV Cameras Sold on Amazon Come with Pre-Installed Malware

April 12, 2016 | Swati Khandelwal
Be careful when buying any off-brand electronics from Amazon, as they could end up infecting you. Recently, independent security researcher Mike Olsen discovered that the CCTV surveillance devices sold on Amazon came with pre-installed malware. Olsen discovered this nasty secret after he bought a set of outdoor CCTV surveillance cameras from Amazon for one of his friends. He picked the Sony Chip HD 6 Camera 1080P PoE IP CCTV surveillance camera kit sold by the Urban Security Group (USG) on Amazon, as it had good reviews and was a relatively cheap set of 6 cameras with all necessary equipment included. While helping his friend set up the cameras, Olsen logged into the administrator panel to configure the surveillance system and found that the page hosted "no normal controls or settings." Assuming that it might be bad programming, Olsen opened up the browser's developer tools and was surprised to discover a hidden iFrame loaded at the bottom of the bo

Hola — A widely popular Free VPN service used as a Giant Botnet

May 29, 2015 | Swati Khandelwal
The bandwidth of millions of users of a popular free VPN service is being sold without their knowledge in an attempt to cover the cost of its free service, which could result in a vast botnet-for-sale network. "Hola," a free virtual private network, is designed to help people abroad watch region-restricted shows like American Netflix, and other streaming United States media. Hola is selling users' bandwidth: Hola is an easy-to-use browser plugin available in the Google Chrome Store with currently more than 6 million downloads. But, unfortunately, Hola could be used by hackers to maliciously attack websites, potentially putting its users at risk of being involved in illegal or abusive activities. Hola uses a peer-to-peer system to route users' traffic. So, if you are in Denmark and want to watch a show from America, you might be routed through an America-based user's Internet connection. However, Hola is not leaving a chance to make money o

Warrant Authorized FBI to Track and Infect Computers with Malware

August 06, 2014 | Swati Khandelwal
Tor has been a tough target for law enforcement for years, but the United States Federal Bureau of Investigation (FBI) has found a way to successfully track users across the network. Just a few days back, Tor made a difficult announcement that an attack on its system likely stripped its users of anonymity. Now, a new report from Wired suggests that the FBI has been running a malware campaign to identify Tor users by infecting their computers for years on a large scale. FBI USES DRIVE-BY HACKING TO TRACK USERS Tor is generally thought to be a place where users come online to hide their activities and remain anonymous, but a court case has revealed an opposite story. The FBI has been using a tactic called drive-by hacking to track computers using the Tor anonymous computing system. Security researchers call the tactic a "drive-by download" in which a hacker infiltrates a high-traffic website to deliver the malware to large swaths of visitors. That simply means t

New Pushdo Malware Hacks 11,000 Computers in Just 24 Hours

July 17, 2014 | Mohit Kumar
One of the oldest active malware families, Pushdo, is again making its way onto the Internet and has recently infected more than 11,000 computers in just 24 hours. Pushdo, a multipurpose Trojan, is primarily known for delivering financial malware such as ZeuS and SpyEye onto infected computers or for delivering spam campaigns through a commonly associated component called Cutwail that is frequently installed on compromised PCs. Pushdo was first seen over 7 years ago and was a very prolific virus in 2007. Now, a new variant of the malware is being updated to leverage a new domain-generation algorithm (DGA) as a fallback mechanism to its normal command-and-control (C&C) communication methods. DGAs are used to dynamically generate a list of domain names based on an algorithm, with only one made live at a time, so blocking on 'seen' Command & Control domain names becomes nearly impossible. With the help of a DGA, cyber criminals could have a series of advantages