New Botnet Revealed, Takes Over Malware Web Servers

By   ISBuzz Team
Writer , Information Security Buzz | Aug 23, 2019 04:25 am PST

A major botnet operation has been attacking and taking over the web shells (backdoors on web servers) of other malware operations for more than a year, security researchers from Positive Technologies have revealed. Researchers linked the botnet to a former Windows trojan named Neutrino (also known as Kasidet), whose operators appear to have shifted from targeting desktop users to online servers, on which they install a cryptocurrency-mining malware.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Amir Shaked
Amir Shaked , VP, R&D
August 23, 2019 12:31 pm

Once they are established, botnets are often used as a proxy to conduct attacks. It\’s very common for them to be rented out, as part of the cybercrime-as-a-service economy, for credential stuffing and DDoS. During idle time they are used for crypto-mining.
To protect themselves, businesses need to think about hybrid threats, as these botnets provide a wide range of access points from residential origins and can’t be easily blocked.

Last edited 4 years ago by Amir Shaked

Recent Posts

Would love your thoughts, please comment.x