Brute-Forcing Botnet Sniffs Out Lax POS Systems
Over a two-week time span earlier this year, a botnet composed of thousands of computers actively sought out and broke into exposed point-of-sale (POS) systems that used poor or default passwords. The botnet, dug up and dubbed BrutPOS by security firm FireEye, leveraged more than 5,000 machines and...
DHS Releases Hundreds of Documents on Wrong Project Aurora
In response to a Freedom of Information Act request for information about the Operation Aurora attack on Google and other organizations in 2009, the Department of Homeland Security released hundreds of pages of documents related not to that attack campaign, but to the Aurora project run at Idaho...
Facebook Carries Out Lecpetex Botnet Takedown
Facebook has moved slowly and deliberately into the realm of botnet takedowns by disrupting a relatively small operation in Greece that was using the social platform to spread spam and malware. Two arrests were made in connection with the Lecpetex botnet in Greece on July 3. The alleged botmaster...
Facebook Takes Down Bitcoin Stealing Botnet that Infected 250,000 Computers
Once again Facebook is on The Hacker News! This time not for any scam or surveillance, but for a different reason. The social networking giant has managed to take down a Greek botnet that used Facebook to spread malware and infected 250,000 computers to mine crypto-currencies, steal bitcoins, ema...
Microsoft Says 'Technical Error' Led to Legitimate No-IP Customers Losing Service
In the course of its actions to take down a major malware operation, Microsoft seized more than 20 domains from No-IP.com, a hosting provider in Nevada. Microsoft now admits that the company made a technical mistake as part of that takedown, an error that resulted in legitimate No-IP.com custome...
New Cridex Banking Trojan variant Surfaces with Self-Spreading Functionality
In an effort to infect a large number of people, cybercriminals have developed a new malicious software program that contains functionality to spread itself quickly. Geodo, a new version of the infamous Cridex (also known as Feodo or Bugat) banking information stealing Trojan, works in conjunction wit...
Cythosia 2.x Botnet - SQL Injection Vulnerability
No description provided by source. Exploit Title: Cythosia Botnet SQL-Injection Vulnerability Date: 11.12.2013 Exploit Author: GalaxyAndroid Vendor Homepage: unkn0wn Application Screenshots http://www.xylibox.com/2012/08/cythosia-botnet-vnloader.html Version: 2.x Tested on: Windows 7 with Xampp...
Dexter (CasinoLoader) Panel - SQL Injection
No description provided by source. Exploit Title: Dexter CasinoLoader Panel SQLi Date: Feb, 13, 2014 Exploit Author: Brian Wallace @botnethunter Version: CasinoLoader Tested on: Windows 7, Ubuntu, Debian import pycurl import urllib import cStringIO import base64 import argparse import sys import...
vOlk Botnet Framework 4.0 - Multiple Vulnerabilities
No description provided by source. Title: vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities Date: 2012-10-09 References: http://www.vulnerability-lab.com/getcontent.php?id=721 VL-ID: 721 Common Vulnerability Scoring System: ...
DNS Flood DDoS Attack Hit Video Gaming Industry with 90 Million Requests per Second
Hackers are leveraging a large number of compromised machines (a botnet network) to carry out a massive DNS Flood DDoS attack against a large video gaming industry website, peaking above 110 Gbps. Incapsula, a US-based security solutions provider, is protecting a famous video gaming website from this hi...
Asprox Malware Borrowing Stealth from APT Campaigns
Cybercriminals and advanced attackers are freely borrowing from one another’s repertoires to great success. The latest example involves spammers firing off up to a half-million email messages during limited campaign segments without triggering any detection alarms. Security company FireEye said t...
Xenotix xBOT - A Cross Platform PoC Bot that abuses certain Google Services to implement its C&C
Xenotix xBOT is a proof-of-concept cross-platform (Linux, Windows, Mac) bot written in Python that abuses certain Google Services to implement a Command & Control Center for the botnet. The Google Apps Data API, Google Forms and Google Spreadsheet are abused to implement C2 for a bot network. The Googl...
Android Ransomware First to Encrypt Data on Mobile Devices
A strain of ransomware that encrypts data on Android mobile devices, the first of its kind, has spread to 13 countries since it was first spotted less than a month ago. Researchers at Kaspersky Lab today disclosed details on Pletor, an expensive Trojan that popped up on an underground forum selli...
VN Loader Authorization Bypass Vulnerability
VN Loader is a botnet. The exploit is an auth bypass with SQLi. SQLi can be used for more, but the proof is auth bypass. Usage Info: Change panelurl to the URL for the bot panel. If you disable actually connect, it will not connect to the panel, but will only give you credentials. Credentials are also in the code comments. This is private...
GameOver Zeus Takedown Shows Good Early Returns
The effect of the takedown of the GameOver Zeus botnet this week has been immediate and significant. Researchers who track the peer-to-peer botnet’s activity say that the volume of packets being sent out by infected machines has dropped to almost zero. On Friday, the FBI and...
FBI, European Authorities Go After GameOver Zeus Botnet
UPDATE–Law enforcement agencies in Europe and the United States, including Europol and the FBI, ran a coordinated takedown of the GameOver Zeus botnet on Friday, seizing servers and disrupting the botnet’s operation. Authorities say that the same botnet has been used to distribute the CryptoLocke...
USPS Spam Campaign Drops Asprox Botnet Malware
A new spam campaign has emerged in support of the Asprox botnet. The scheme involves shipping receipt emails that contain malicious links and purport to come from the United States Postal Service (USPS). Anyone who receives one of these emails and clicks on the link therein will have a zip file...
New Point-of-Sale Malware Compromises 1,500 Devices Worldwide
In the past few months, malware developers have been focusing more on proliferating and upgrading malware to target Point-of-Sale (POS) machines. Due to the lack of concern and security measures, point-of-sale (POS) systems have become an attractive target for cybercriminals and malware writers...
Anti-DDoS Services Abused to Carry Out DDoS Attack with 1.5 Billion Requests/Minute
Until now, the Internet was encountering traditional Distributed Denial of Service (DDoS) attacks, where a large number of compromised systems are used to flood servers with a tremendous amount of bandwidth; but in the past few months we have noticed a massive change in the techniques of DDoS attacks. Hackers...
Beware! Cyber Criminals Spreading Click Fraud Trojan for Making Money
Before ransomware, click fraud was one of the popular and efficient ways for cybercriminals to make money, and with the explosive growth in the size of online threats it is still making its way on the Internet. “Click-Fraud” is the practice of deceptively clicking on search ads with the...