According to Netlab researchers, a cybercrime group is enslaving Linux servers running vulnerable Webmin apps into a new botnet that they have named “Roboto.” Its appearance dates back to summer and is linked to the disclosure of a major security flaw in a web app installed on more than 215,000 servers.
https://twitter.com/enchantech/status/1197454731997663233
Once established, botnets are often used as a proxy to conduct attacks. It\’s very common for them to be rented out, as part of the cybercrime-as-a-service economy, for DDoS as well as other attacks like credential stuffing and crypto-mining. The rate at which these botnets grow means attacks will only be more distributed and harder to identify and protect against. To best protect themselves, businesses need to think about these hybrid threats, as these botnets provide a wide range of access points from residential origins and can’t be easily blocked.