New Mirai Variant Roars into Action With 54 Hour DDoS Attacks
A variant of the Mirai malware pummeled a U.S. college last month with a marathon 54-hour-long attack. Researchers say this latest Mirai variant is a more potent version of the notorious Mirai malware that made headlines in October, targeting DNS provider Dyn and the Krebs on Security website. Th...
NukeBot Banking Trojan Source Code Leaked Online by Author
The author behind NukeBot, a modular banking Trojan, released source code for the malware earlier this month in an apparent effort to regain the trust of the cybercrime community. Gosya, NukeBot’s creator, posted a GitHub link to the malware, calling it a “zeus-like banking trojan,” on several...
DblTekGoIPPwn - Tool to check if an IP of a DblTek GoIP is vulnerable to a challenge-response login system, execute remote commands botnet style, and generate responses to challenges
Tool to exploit challenge response system in vulnerable DblTek GoIP devices. Can generate responses to specified challenges, test hosts for the vulnerability, run commands on vulnerable hosts, and drop into a root shell on any vulnerable host. The Vulnerability On March 2nd, 2017, Trustwave...
Hacker Who Used Linux Botnet to Send Millions of Spam Emails Pleads Guilty
A Russian man accused of infecting tens of thousands of computer servers worldwide to generate millions in illicit profit has finally entered a guilty plea in the United States and is going to face sentencing in August. Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty in a US federal...
Fraudsters Using GiftGhostBot Botnet to Steal Gift Card Balances
Gift cards have once again caused quite a headache for retailers, as cyber criminals are using a botnet to break into and steal cash from money-loaded gift cards provided by major retailers around the globe. Dubbed GiftGhostBot, the new botnet specialized in gift card fraud is an advanced...
DDoS of Past, Present and Future
The pervasiveness of technology has meant automation of tasks, allowing better productivity, with more time to do more. However, the dark side of technology would be that enterprises and individuals alike are vulnerable to cybercrimes, compromise of identities, loss of data and subject to malicio...
strutszeiro - Telegram Bot to manage botnets created with struts vulnerability (CVE-2017-5638)
Telegram Bot to manage botnets created with struts vulnerability CVE-2017-5638. Dependencies: pip install -r requeriments.txt. Config: Create a telegram bot, save the API token in config/token.conf. Create a telegram group, save the group id in config/group.conf. Start: python strutszeiro.py. Telegram Usa...
Multiple IP-Cameras (P2P) WIFICAM Cameras Multiple Vulnerabilities
Multiple IP-Camera devices are prone to multiple vulnerabilities. This vulnerability was known to be exploited by the IoT Botnet...
Necurs Botnet Learns New DDoS Trick
The Necurs botnet has learned a new trick. Instead of spewing spam delivering Locky ransomware, the notorious botnet is now capable of launching DDoS attacks. According to BitSight’s Anubis Labs, the malware was modified in September to include a module that adds DDoS capabilities and new proxy...
Hacker Who Knocked Million Routers Offline Using MIRAI Arrested at London Airport
British police have arrested a suspect in connection with the massive attack on Deutsche Telekom that hit nearly 1 Million routers last November. Late last year, someone knocked down more than 900,000 broadband routers belonging to Deutsche Telekom users in Germany, which affected the telephony,...
Windows Botnet Spreading Mirai Variant
A Chinese-speaking attacker is spreading a Mirai variant from a repurposed Windows-based botnet. Researchers at Kaspersky Lab published a report today, and said the code was written by an experienced developer who also built in the capability to spread the IoT malware to Linux machines under...
New Windows Trojan Spreads MIRAI Malware To Hack More IoT Devices
MIRAI – possibly the biggest IoT-based malware threat that emerged last year, which caused vast internet outage in October last year by launching massive distributed denial-of-service (DDoS) attacks against the popular DNS provider Dyn. Now, the infamous malware has updated itself to boost its...
Massive Twitter Botnet Dormant Since 2013
A sizable and dormant Twitter botnet has been uncovered by two researchers from the University College London, who expressed concern about the possible risks should the botmaster decide to waken the accounts under his control. Research student Juan Echeverria Guzman and his supervisor and senior...
Chromebackdoor graniet v3.0 web panel Multi Vulnerability
Exploit for php platform in category web applications. Exploit Title: botnet graniet chrome backdoor v3.0 web panel multi vulnerability. Date: 10-1-2017. Exploit Author: alqnas eslam. Vendor Homepage: fb.com/alqnas4. Software Link: https://github.com/graniet/chromebackdoor. Tested on: any os. 1- cross site...
Necurs Botnet Limps Back into Action After Lull
Researchers say Locky spam volumes are limping back into action with two new and tiny campaigns that could reveal telltale signs of a future full-scale attack. Cisco Talos said since late December, Necurs botnet activity has been silent. So too have campaigns tied to Locky ransomware; chiefly...
Malware exploit: Xdh
Type: Remote Code Execution. Author: shipcod3 / Jay Turla. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...
Malware exploit: Cythosia
Type: Stored XSS and iFrame redirect Click add task Command: IFRAME SRC="whateverekorlemonpartyorwhatnot.com" /IFRAME Then Click Create Task Finally click Tasks. VOILA! Credits to asterea for finding this botnet panel...
Malware exploit: Zemra
Type: Remote Code Execution. Vuln: -a. Author: shipcod3 / Jay Turla. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...
New Wave of Hailstorm Spam Pelts Inboxes
Spammers are turning to an old technique known as hailstorm to slip past anti-spam and anti-malware filters. Researchers say that hailstorm spam, first spotted in 2008, has been improved and is once again being used, only this time to spread Dridex banking malware and Locky ransomware. “Hailstorm...
Netgear R7000/R6400 and similar routers exposed to a remote arbitrary command injection vulnerability; CERT recommends a complete halt to their use - vulnerability warning - the black bar safety net
Do you use a Netgear router? You need to be extra careful at the moment, especially users of router models R7000 and R6400; users of other Netgear models also need to beware. CERT/CC, the US Computer Emergency Response Team Coordination Center, issued a security bulletin on Friday; users are advised to suspen...