Experts On A New Botnet Is Covertly Targeting Millions Of Servers

Researchers have found what they believe is a previously undiscovered botnet that uses unusually advanced measures to covertly target millions of servers around the world. The botnet uses proprietary software written from scratch to infect servers and corral them into a peer-to-peer network, researchers from security firm Guardicore Labs reported on Wednesday. Peer-to-peer (P2P) botnets distribute their administration among many infected nodes rather than relying on a control server to send commands and receive pilfered data. With no centralized server, the botnets are generally harder to spot and more difficult to shut down.

More information: https://www.wired.com/story/a-new-botnet-is-covertly-targeting-millions-of-servers/

Experts Comments

August 25, 2020
Martin Jartelius
CSO
Outpost24
Administrators who do not protect SSH servers with a strong password have been at risk for almost 40 years now. It’s time to take responsibility, the Morris worm of 1988 targeted the same risk, but with technology and performance at par with the times it was released.
August 25, 2020
Chris Hauk
Consumer Privacy Champion
Pixel Privacy
The continual back and forth between the bad guys and the defenders have reached a new level, as the bad guys have discovered a "better way" to infect servers. Server administrators need to protect their SSH servers with both strong, secure passwords and cryptographic servers or run the risk of being infected, if they have not already been infected. Perhaps the scariest takeaway from all of this is that there is someone with the resources available to finance a sophisticated P2P botnet the.....Read More
The continual back and forth between the bad guys and the defenders have reached a new level, as the bad guys have discovered a "better way" to infect servers. Server administrators need to protect their SSH servers with both strong, secure passwords and cryptographic servers or run the risk of being infected, if they have not already been infected. Perhaps the scariest takeaway from all of this is that there is someone with the resources available to finance a sophisticated P2P botnet the size of Fritzfrog. This attack isn't one launched by "script kiddies" using ready-made attacks, but is instead developed by highly sophisticated software developers. This form of aggressive attack may be a harbinger of things to come.  Read Less
August 25, 2020
Javvad Malik
Security Awareness Advocate
KnowBe4
This latest botnet showcases how the capabilities of criminal operators continues to grow, as does their commitment to spreading malware. Not having a traditional CNC model can make these kinds of attacks difficult to detect and effectively block. So, it is important that organisations focus on the root causes which malware exploits to gain access. In this case, securing SSH servers, having strong authentication and anti brute-force controls can go a long way in protecting organisations.....Read More
This latest botnet showcases how the capabilities of criminal operators continues to grow, as does their commitment to spreading malware. Not having a traditional CNC model can make these kinds of attacks difficult to detect and effectively block. So, it is important that organisations focus on the root causes which malware exploits to gain access. In this case, securing SSH servers, having strong authentication and anti brute-force controls can go a long way in protecting organisations against this and similar threats.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts