New Botnet Revealed, Takes Over Malware Web Servers

A major botnet operation has been attacking and taking over the web shells (backdoors on web servers) of other malware operations for more than a year, security researchers from Positive Technologies have revealed. Researchers linked the botnet to a former Windows trojan named Neutrino (also known as Kasidet), whose operators appear to have shifted from targeting desktop users to online servers, on which they install a cryptocurrency-mining malware.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Amir Shaked
Amir Shaked , VP, R&D
InfoSec Expert
August 23, 2019 12:31 pm

Once they are established, botnets are often used as a proxy to conduct attacks. It\’s very common for them to be rented out, as part of the cybercrime-as-a-service economy, for credential stuffing and DDoS. During idle time they are used for crypto-mining.
To protect themselves, businesses need to think about hybrid threats, as these botnets provide a wide range of access points from residential origins and can’t be easily blocked.

Last edited 3 years ago by Amir Shaked
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x