Researchers from HUMAN have taken down a sizeable ad fraud scheme that spoofed more than 1,700 apps and managed to generate 12 billion ad requests a day. By injecting JavaScript into the ads, the scammers were able to layer multiple ads, registering views for ads that users did not see. HUMAN dubbed the malicious campaign …
Botnet
Updated on 2022-12-16 Microsoft warned of a cross-platform botnet, MCCrash, launching DDoS attacks against private Minecraft servers. The tech giant tracks the threat actor as DEV-1028. Read more: MCCrash: Cross-platform DDoS botnet targets private Minecraft servers Updated on 2022-12-15 Microsoft has a report on MCCrash, an IoT botnet operated by the DEV-1028 threat actor and …
Updated on 2022-12-13 Fortinet said it recently linked a Go-based CMS scanner and brute-forcing tool to a new botnet named GoTrim. According to the company, this new botnet appears to have been created around September 2022 and is mostly comprised of hacked WordPress sites, although evidence suggests GoTrim can also infect Joomla, OpenCart, and DataLife-based …
Updated on 2022-12-01: KmsdBot goes down Akamai researchers said they found a bug in the C&C communication system used by the KmsdBot cryptomining botnet that allowed them to crash the malware on all infected systems worldwide. Read more: Accidentally Crashing a Botnet Updated on 2022-11-30: Akamai Researchers Inadvertently Crash Botnet While monitoring the KmsdBot cryptomining …
Updated on 2022-12-07 Chinese security firm Antiy has confirmed the use of the Torii botnet by Vietnamese APT group OceanLotus. Last month, both Weibu and QiAnXin said that OceanLotus operators appear to be using the Torii IoT botnet to disguise the origin of their attacks. Updated on 2022-11-15: OceanLotus attacks Chinese security firm QiAnXin published …
Updated on 2022-11-09 Cloud9, a new Chrome browser-based botnet, was found leveraging malicious extensions to pilfer online accounts, inject malicious JavaScript code and ads, log keystrokes, and enroll the victim’s browser in DDoS attacks. Read more: Malicious extension lets attackers control Google Chrome remotely Overview Zimperium researchers took a deep dive into Cloud9, a malicious …
Updated on 2022-11-21: Emotet’s return Deep Instinct researchers have an analysis of Emotet’s return, the infamous spam botnet that has been asleep since June this year. More on this from Proofpoint too. Read more: Emotet’s Vacation is Over: No Rest for the Wicked A Comprehensive Look at Emotet’s Fall 2022 Return Updated on 2022-11-18: Emotet’s …