Naming & Shaming Web Polluters: Xiongmai

What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? If ever there were a technology giant that deserved to be named and shamed for polluting the Web, it is Xiongmai -- a Chinese maker of electronic parts th...

Virus Bulletin 2018: Exposing the Social Media Fraud Ecosystem

MONTREAL — While troll farms, influence campaigns and Twitter bots that spread disinformation have all become high-profile and negative aspects of the social-media universe, new research shows that there is actually a rich and complex supply chain behind these efforts. “Social-media fraud is...

Meet GhostDNS: The dangerous malware behind IoT botnet targeting banks

By Waqas Security researchers at NetLab, a sub-division of the Chinese cybersecurity firm Qihoo 360, have discovered a new, wide-scale, and very active malware campaign that has managed to hijack more than 100,000 home routers between Sept 21 and 27. A majority of routers almost 88% are located i...

Nine NAS Bugs Open LenovoEMC, Iomega Devices to Attack

Lenovo is warning of nine vulnerabilities rated “high” and impacting 20 separate network attached storage NAS devices sold by the company, including its LenovoEMC, Iomega and its Lenovo-branded NAS devices. By exploiting one of several command-injection vulnerabilities in the devices’ operating...

BYOB - Build Your Own Botnet

BYOB Build Your Own Botnet Disclaimer : This project should be used for authorized testing or educational purposes only. BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet to deepen their understanding of the...

Threat Roundup Sept 21 - 28

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 21 and 28. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’ve observed by...

Lucy Gang Debuts with Unusual Android MaaS Package

There’s a fresh bloom in the malware-as-a-service garden: Researchers have uncovered a new Russian-speaking threat actor hawking a proprietary cyber-weapon dubbed “Black Rose Lucy.” The offering is a malware-as-a-service MaaS bundle with two parts, consisting of a controlling web interface which...

Hackers behind Mirai botnet to avoid jail for working with the FBI

By Waqas Mirai has been known as one of the most powerful botnets comprised of millions of hacked Internet of Things IoT devices including routers, digital video recorders DVRs and security cameras. Mirai was also used by hackers to carry out one of the largest DDoS attacks on the servers of DynD...

Mirai Masterminds Helping FBI Snuff Out Cybercrime

The three masterminds behind Mirai – the infamous botnet known for taking down internet services in a 2016 DDoS attack – will work with the FBI in future cybercrime investigations as part of their sentencing for creating and operating the botnet. The three hackers, Paras Jha 22, of New Jersey,...

New Malware Combines Ransomware, Coin Mining and Botnet Features in One

Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems. Dubbed XBash, the new...

New Malware Combines Ransomware, Coin Mining and Botnet Features in One

Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems. Dubbed XBash, the new...

Mirai Botnet Creators Helping FBI Fight Cybercrime to Stay Out of Jail

Three young hackers who were sentenced late last year for creating and spreading the notorious Mirai botnet are now helping the FBI to investigate other "complex" cybercrime cases in return to avoid their lengthy prison terms. Paras Jha, 21 from New Jersey, Josiah White, 20 from Washington, and...

Mirai Botnet Creators Helping FBI Fight Cybercrime to Stay Out of Jail

Three young hackers who were sentenced late last year for creating and spreading the notorious Mirai botnet are now helping the FBI to investigate other "complex" cybercrime cases in return to avoid their lengthy prison terms. Paras Jha, 21 from New Jersey, Josiah White, 20 from Washington, and...

XBash Malware Packs Double Punch: Destroys Data and Mines for Crypto Coins

Researchers have discovered a new sophisticated malware family in the wild, which wrecks havoc on Windows and Linux systems with a combination of data destructive ransomware and malicious cryptomining. The malware, dubbed by Palo Alto Networks’ Unit 42 researchers who discovered it as Xbash, has...

State of the Internet Security - Credential Stuffing

Credential stuffing, and the botnets behind this activity, is the primary focus of the State of the Internet Security Report, Issue 4, 2018. Credential stuffing, the use of botnets to try to login to a site with stolen or randomly created login information, isn't a new phenomenon, but it is one...

ThreatList: Malware Samples Targeting IoT More Than Double in 2018

It’s no secret that connected devices are posing a security threat in the commercial, consumer and industrial worlds. A fresh report on this expanding threat landscape shows that attacks are accelerating, with MikroTik routers, Telnet password-cracking and the Mirai botnet dominating the...

The Mirai Botnet Architects Are Now Fighting Crime With the FBI

In 2016, three friends created a botnet that nearly broke the internet. Now, they're helping the feds catch cybercriminals of all stripes...

Russian Cybercriminal Pleads Guilty to Operating Kelihos Botnet

By Uzair Amir A Russian national namely Peter Yuryeich Levashov has pleaded guilty to operating the Kelihos botnet, which was used to launch a huge spamming and credential stealing campaign across the globe. Levashov, a 38-year old resident of St. Petersburg, Russia, was presented before a...

Russian Hacker Pleads Guilty to Operating Kelihos Botnet

The Russian man who was accused of operating the infamous Kelihos botnet has finally pleaded guilty in a U.S. federal court. Peter Yuryevich Levashov , 38, of St. Petersburg, Russia, pleaded guilty on Wednesday in U.S. federal court in Connecticut to computer crime, wire fraud, conspiracy and...

Russian Hacker Pleads Guilty to Operating Kelihos Botnet

The Russian man who was accused of operating the infamous Kelihos botnet has finally pleaded guilty in a U.S. federal court. Peter Yuryevich Levashov, 38, of St. Petersburg, Russia, pleaded guilty on Wednesday in U.S. federal court in Connecticut to computer crime, wire fraud, conspiracy and...