Search results for sms bomber tool | Breaking Cybersecurity News | The Hacker News

A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in Nim language to strike targets as part of a newly discovered campaign. The novel loader, dubbed Nimbda, is "bundled with a Chinese language greyware 'SMS Bomber' tool that is most likely illegally distributed in the Chinese-speaking web," Israeli cybersecurity company Check Point  said  in a report. "Whoever crafted the Nim loader took special care to give it the same executable icon as the SMS Bomber that it drops and executes," the researchers said. "Therefore the entire bundle works as a trojanized binary." SMS Bomber, as the name indicates, allows a user to input a phone number (not their own) so as to flood the victim's device with messages and potentially render it unusable in what's a denial-of-service (DoS) attack. The fact that the binary doubles up as SMS Bomber and a backdoor suggests that t...

Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. "On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor," Socket researcher Kirill Boychenko said . The deceptive package, named "golang-random-ip-ssh-bruteforce," has been linked to a GitHub account called IllDieAnyway (G3TT), which is currently no longer accessible. However, it continues to be available on pkg.go[.]dev. It was published on June 24, 2022. The software supply chain security company said the Go module works by scanning random IPv4 addresses for exposed SSH services on TCP port 22, then attempting to brute-force the service using an embedded username-password list and exfiltrating the successful credentials to the attacker. A notable aspect of th...