10 matches found
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service DDoS malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 targeting the United States. "From 2020 to 2023, the XorDDoS trojan has increased significantly...
Unmasking the new XorDDoS controller and infrastructure
Cisco Talos observed an existing distributed denial-of-service DDoS malware known as XorDDoS, continuing to spread globally between November 2023 and February 2025. A significant finding shows that over 70 percent of attacks using XorDDoS targeted the United States from Nov. 2023 to Feb. 2025. Th...
New Linux Krasue RAT Targeting Telecom Companies in Thailand
Summary: Krasue, a new Linux Remote Access Trojan, targets Thai organizations, primarily in telecommunications, using embedded rootkits and a unique RTSP-based communication tactic. Believed to be connected to XorDdos, it evades detection through various stealth measures, emphasizing the importan...
New Stealthy 'Krasue' Linux Trojan Targeting Telecom Firms in Thailand
A previously unknown Linux remote access trojan called Krasue has been observed targeting telecom companies in Thailand by threat actors to main covert access to victim networks at lease since 2021. Named after a nocturnal female spirit of Southeast Asian folklore, the malware is "able to conceal...
A New XorDDoS Linux Trojan That Launches Powerful DDoS Attacks
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The XorDDoS Trojan, a Linux-based malware, orchestrates DDoS attacks through infected devices, with a recent campaign detected in 2023. Attackers employ scanning, persistence, and C2 infrastructure...
New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers
Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack. "Underpinning this campaign was the use of transfer.sh," Cado Security said in a report shared with The...
Massive increase in XorDDoS Linux malware in last six months
Microsoft says its recorded a massive increase in XorDDoS activity 254 percent in the last six months. XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie MMD. MMD believed the Linux Trojan originated in China...
Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices
A Linux botnet malware known as XorDdos has witnessed a 254% surge in activity over the last six months, according to latest research from Microsoft. The trojan, so named for carrying out denial-of-service attacks on Linux systems and its use of XOR-based encryption for communications with its...
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
In the last six months, we observed a 254% increase in activity from a Linux trojan called XorDdos. First discovered in 2014 by the research group MalwareMustDie, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers as well as its usage of XOR-based...
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
In the last six months, we observed a 254% increase in activity from a Linux trojan called XorDdos. First discovered in 2014 by the research group MalwareMustDie, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers as well as its usage of XOR-based...