5 matches found
Experts Warn of Browser Extensions Spying On Users via Cloud9 Chrome Botnet Network
The Keksec threat actor has been linked to a previously undocumented malware strain, which has been observed in the wild masquerading as an extension for Chromium-based web browsers to enslave compromised machines into a botnet. Called Cloud9 by security firm Zimperium, the malicious browser add-...
Enemybot malware expands its arsenal by exploiting well-known vulnerabilities
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary EnemyBot, a Mirai-based botnet, is expanding its arsenal by exploiting well-known vulnerabilities in log4j, VMware workspace, Spring Framework, and others. Keksec, also known as Nero and Freakout, is the threat...
EnemyBot Malware Targets Web Servers, CMS Tools and Android OS
A rapidly evolving IoT malware dubbed “EnemyBot” is targeting content management systems CMS, web servers and Android devices. Threat actor group “Keksec” is believed behind the distribution of the malware, according to researchers. “Services such as VMware Workspace ONE, Adobe ColdFusion,...
EnemyBot Linux Botnet Now Exploits Web Server, Android and CMS Vulnerabilities
A nascent Linux-based botnet named Enemybot has expanded its capabilities to include recently disclosed security vulnerabilities in its arsenal to target web servers, Android devices, and content management systems CMS. "The malware is rapidly adopting one-day vulnerabilities as part of its...
New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt
A threat group that pursues crypto mining and distributed denial-of-service DDoS attacks has been linked to a new botnet called Enemybot, which has been discovered enslaving routers and Internet of Things IoT devices since last month. "This botnet is mainly derived from Gafgyt's source code but h...