botnet | Breaking Cybersecurity News | The Hacker News

On Thursday, we compiled a story based on research published by a British security expert reporting that some cyber criminals are apparently using Mirai Botnet to conduct DDoS attacks against the telecommunication companies in Liberia, a small African country. In his blog post , Kevin Beaumont claimed that a Liberian transit provider confirmed him about the DDoS attack of more than 500 Gbps targeting one undersea cable servicing Internet connectivity for the entire country. Later, some media outlets also confirmed that the DDoS attack caused Internet outage in some parts of the country, citing 'slow Internet' and 'total outage' experienced by some local sources and citizens. "The DDoS is killing our business. We have a challenge with the DDoS. We are hoping someone can stop it. It's killing our revenue. Our business has frequently been targeted" an employee with one Liberian mobile service provider told PC World . Network firm Level 3 confirmed Zack Whittaker

Guess how many devices participated in last Friday's massive DDoS attack against DNS provider Dyn that caused vast internet outage? Just 100,000 devices. I did not miss any zeros. Dyn disclosed on Wednesday that a botnet of an estimated 100,000 internet-connected devices was hijacked to flood its systems with unwanted requests and close down the Internet for millions of users. Dyn executive vice president Scott Hilton has issued a statement , saying all compromised devices have been infected with a notorious Mirai malware that has the ability to take over cameras, DVRs, and routers. "We're still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious endpoints," Hilton said. "We are able to confirm that a significant volume of attack traffic originated from Mirai-based botnets." Mirai malware scans for Internet of Things (IoT) devices that are still using their default passwords and then enslaves those

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

You might be surprised to know that your security cameras, Internet-connected toasters and refrigerators may have inadvertently participated in the massive cyber attack that broke a large portion of the Internet on Friday. That's due to massive Distributed Denial of Service (DDoS) attacks against Dyn, a major domain name system (DNS) provider that many sites and services use as their upstream DNS provider for turning IP addresses into human-readable websites. The result we all know: Twitter, GitHub, Amazon, Netflix, Pinterest, Etsy, Reddit, PayPal, and AirBnb, were among hundreds of sites and services that were rendered inaccessible to Millions of people worldwide for several hours. Why and How the Deadliest DDoS Attack Happened It was reported that the Mirai bots were used in the massive DDoS attacks against DynDNS, but they "were separate and distinct" bots from those used to execute record-breaking DDoS attack against French Internet service and hosting

With rapidly growing Internet of Thing (IoT) devices, they have become a much more attractive target for cybercriminals. Just recently we saw a record-breaking Distributed Denial of Service (DDoS) attacks against the France-based hosting provider OVH that reached over one Terabit per second (1 Tbps), which was carried out via a botnet of infected IoT devices. Now, such attacks are expected to grow more rapidly as someone has just released the source code for IoT botnet, which was 'apparently' used to carry out world's largest DDoS attacks. Internet of Things-Botnet 'Mirai' Released Online Dubbed Mirai , the malware is a DDoS Trojan that targets BusyBox systems , a collection of Unix utilities specifically designed for embedded devices like routers. The malware is programmed to hijack connected IoT devices that are using the default usernames and passwords set by the factory before devices are first shipped to customers. Spotted by Brian Krebs , the

The Internet of Things (IoTs) or Internet-connected devices are growing at an exponential rate and so are threats to them. Due to the insecure implementation, these Internet-connected embedded devices, including Smart TVs, Refrigerators, Microwaves, Set-top boxes, Security Cameras and printers, are routinely being hacked and used as weapons in cyber attacks. We have seen how hackers literally turned more than 100,000 Smart TVs and Refrigerator into the cyber weapon to send out millions of malicious spam emails for hacking campaigns; we have also seen how hackers abused printers and set-top-boxes to mine Bitcoins. And now… Cyber crooks are hacking CCTV cameras to form a massive botnet that can blow large websites off the Internet by launching Distributed Denial-of-service (DDoS) attacks. Researchers at Security firm Sucuri came across a botnet of over 25,000 CCTV cameras targeting business around the globe while defending a small jewelry shop against a DDoS attack . Al

The world's most notorious financial hacking operation disrupted by Russian authorities in November, when they raided the offices associated with a Moscow-based film and production company named 25th Floor . According to the Russian authorities, 25th Floor was allegedly involved in distributing the notorious password-stealing malware known as Dyre Banking Trojan . Malware Costs Hundreds of $$$ Millions in Losses The Dyre banking Trojan was typically distributed via spam campaigns and was responsible for over hundreds of millions of dollars in losses at banking and financial institutions, including Bank of America Corp, PayPal, and JPMorgan Chase & Co. Dyre , also known as Dyreza , first appeared in July 2014 and updated to target Windows 10 systems and its newest Edge browser. However, Dyre has not been in use since the November raid, according to cyber security experts, who said the raid represents Russia's biggest effort up to date in cracking down

Last month, the Norway police arrested five hackers accused of running the MegalodonHTTP Remote Access Trojan (RAT). The arrests came as part of the joint operation between Norway's Kripos National Criminal Investigation Service and Europol, codenamed " OP Falling sTAR ." According to the United States security firm, all the five men, aged between 16 and 24 years and located in Romania, France, and Norway, were charged with possessing, using and selling malware. One of those arrested also confessed to running his own web store where he sold malware, designed to take full control of target computers, harvesting passwords, and other personal data. Moreover, the malware can be used to hijack webcams in real-time, and steal documents, images, and videos as well. "Damballa's threat discovery center worked in cooperation with the Norway police over the last few months to track and identify the author of the malware dubbed MegalodonHTTP," threat

A network of compromised Linux servers has grown so powerful that it can blow large websites off the Internet by launching crippling Distributed Denial-of-service (DDoS ) attacks of over 150 gigabits per second (Gbps). The distributed denial-of-service network, dubbed XOR DDoS Botnet , targets over 20 websites per day , according to an advisory published by content delivery firm Akamai Technologies. Over 90 percent of the XOR DDoS targets are located in Asia, and the most frequent targets are the gaming sector and educational institutions. XOR creator is supposed to be from China, citing the fact that the IP addresses of all Command and Control (C&C) servers of XOR are located in Asia, where most of the infected Linux machines also reside. How XOR DDoS Botnet infects Linux System? Unlike other DDoS botnets , the XOR DDoS botnet infects Linux machines via embedded devices such as network routers and then brute forces a machine's SSH service to gain ro

The US State Department and the Federal Bureau of Investigation are willing to pay a total $4.2 Million for information leading to the arrest and/or conviction of top 5 most wanted cyber criminals accused of conducting frauds of hundreds of millions of dollars. Evgeniy Bogachev,30; Nicolae Popescu, 34; Alexsey Belan, 28; Peteris Sahurovs, 26; and Shailesh Kumar Jain, 45; are in the list of FBI's Top 5 most-wanted hackers. 1. Evgeniy Mikhailovich Bogachev | Reward - $3 MILLION Evgeniy Mikhailovich Bogachev , also known under the aliases "lucky12345," "Slavik," and "Pollingsoon," is the mastermind behind the GameOver Zeus botnet , which was allegedly used by criminals to infect more than 1 Million computers, resulting in up to $100 Million in losses since 2009. Besides GameOver Zeus botnet, Bogachev is also accused of developing CryptoLocker Ransomware , which was designed to extort money from computer victims by holding their system

U.S. and European law enforcement agencies have shut down a highly sophisticated piece of the botnet that had infected more than 12,000 computers worldwide , allowing hackers to steal victims' banking information and other sensitive data. The law enforcement agencies from the United States, United Kingdom and the European Union conducted a joint operation to get rid of the botnet across the globe and seized the command-and-control server that had been used to operate the nasty Beebone (also known as AAEH ) botnet . What's a Botnet? A botnet is a network of large number of computers compromised with malicious software and controlled surreptitiously by hackers without the knowledge of victims. Basically, a "botnet" is a hacker's "robot" that does the malicious work directed by hackers. Hackers and Cyber Criminals have brushed up their hacking skills and started using Botnets as a cyber weapon to carry out multiple crimes such as DDoS attacks

It seems like the world has declared war against the Cyber Criminals. In a recent update, we reported that FBI is offering $3 Million in Reward for the arrest of GameOver Zeus botnet mastermind, and meanwhile British cyber-police has taken down widely-spread RAMNIT botnet . The National Crime Agency (NCA) in a joint operation with Europol's European Cybercrime Centre (EC3) and law enforcement agencies from Germany, Italy, the Netherlands, and the United Kingdom has taken down the Ramnit "botnet", which has infected over 3.2 million computers worldwide, including 33,000 in the UK. Alike GameOver Zeus, RAMNIT is also a ' botnet ' - a network of zombie computers which operate under criminal control for malicious purposes like spreading viruses, sending out spam containing malicious links, and carrying out distributed denial of service attacks (DDoS) in order to bring down target websites. RAMNIT believes to spread malware via trustworthy links se

The US State Department and the Federal Bureau of Investigation announced Tuesday a $3 Million reward for the information leading to the direct arrest or conviction of Evgeniy Mikhailovich Bogachev , one of the most wanted hacking suspects accused of stealing hundreds of millions of dollars with his malware. This is the highest bounty U.S. authorities have ever offered in any cyber case in its history. The 30-year-old Russian man who, according to bureau, is an alleged leader of a cyber criminal group who developed the GameOver Zeus botnet . STOLE MORE THAN $100 MILLION Evgeniy Mikhailovich Bogachev, also known under the aliases " lucky12345 ," " Slavik ," and " Pollingsoon, " was the mastermind behind the GameOver Zeus botnet , which was allegedly used by cybercriminals to infect more than 1 Million computers and resulted in more than $100 Million in losses since 2011. GameOver Zeus makes fraudulent transactions from online bank account

A newly discovered zombie network that exclusively targets Apple computers running Mac OS X across the globe has compromised roughly 17,000 machines so far, giving hackers backdoor access to infected computers, researchers at Russian antivirus firm Dr.Web warned. According to a survey of traffic conducted in September by researchers at Dr. Web, over 17,000 Macs globally are part of the Mac.BackDoor.iWorm botnet , which creates a backdoor on machines running OS X. Researchers say almost a quarter of iWorm botnet are located in the US. The most interesting thing to notice about this botnet is that it uses a special method of spreading via a search service of Reddit posts to a Minecraft server list subreddit to collect the IP addresses for its command and control (CnC) network. The user who had posted that subreddit data has now been shut down though the malware creators are likely to form another server list. " It is worth mentioning that in order to acquire a control server add

Researchers on Thursday discovered a critical remotely exploitable vulnerability in the widely used command-line shell GNU Bourne Again Shell ( Bash ), dubbed " Shellshock " which affects most of the Linux distributions and servers worldwide, and may already have been exploited in the wild to take over Web servers as part of a botnet that is currently trying to infect other servers as well. BOTNET ATTACK IN THE WILD The bot was discovered by the security researcher with the Twitter handle @yinettesys , who reported it on Github and said it appeared to be remotely controlled by miscreants, which indicates that the vulnerability is already being used maliciously by the hackers. The vulnerability (CVE-2014-6271) , which came to light on Wednesday, affects versions 1.14 through 4.3 of GNU Bash and could become a dangerous threat to Linux/Unix and Apple users if the patches to BASH are not applied to the operating systems. However, the patches for the vulnerabil

A New York-based online ad network company AppNexus, that provides a platform specializing in real-time online advertising, has again been spotted as the origin of a recent "malvertising" campaign that makes use of the Angler Exploit Kit to redirect visitors to malicious websites hosting the Asprox malware. AppNexus servers process 16 billion ad buys per day, making it the biggest reach on the open web after Google. Back in May, AppNexus was serving malicious ads targeting Microsoft's Silverlight platform. The world's largest Internet Video Subscription service Netflix runs on Silverlight, and because of its popularity, hackers have been loading exploit kits with Silverlight. As part of this campaign, users of several high-profile websites including Java.com, Deviantart.com, TMZ.com, Photobucket.com, IBTimes.com, eBay.ie, Kapaza.be and TVgids.nl , last week were redirected to websites serving malicious advertisements that infected visitors by installing botnet ma

Botnets - a secretly compromised networks of ordinary home and office computers with rogue software or "malware" that are controlled by an individual criminal or a group - has dramatically increased over the past several years and are considered to pose the biggest threat to the Internet. Cyber criminals have brushed-up their hacking skills and are using Botnets as a cyber weapon to carry out multiple crimes like DDoS attacks (distributed denial of service), mass spamming, page rank and advertising revenue manipulation, mining bitcoins, cyber espionage and surveillance etc. 18 BOTNET INFECTIONS PER SECOND According to the director of FBI's cyber division, Joseph Demarest, Botnet has become one of the biggest enemies of the Internet today, and therefore its impact has been significant. Yesterday during a hearing before a U.S. Senate committee, he says that every second 18 computers worldwide are part of botnet armies, which amounts to over 500 million comp