New Botnet Revealed, Takes Over Malware Web Servers

A major botnet operation has been attacking and taking over the web shells (backdoors on web servers) of other malware operations for more than a year, security researchers from Positive Technologies have revealed. Researchers linked the botnet to a former Windows trojan named Neutrino (also known as Kasidet), whose operators appear to have shifted from targeting desktop users to online servers, on which they install a cryptocurrency-mining malware.

Experts Comments

August 23, 2019
Amir Shaked
Once they are established, botnets are often used as a proxy to conduct attacks. It's very common for them to be rented out, as part of the cybercrime-as-a-service economy, for credential stuffing and DDoS. During idle time they are used for crypto-mining. To protect themselves, businesses need to think about hybrid threats, as these botnets provide a wide range of access points from residential origins and can’t be easily blocked.
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.