Bleeping Computer

P2PInfect botnet targets REdis servers with new ransomware module

P2PInfect, originally a dormant peer-to-peer malware botnet with unclear motives, has finally come alive to deploy a ransomware module and a cryptominer in attacks on Redis servers. According to Cado ...
The Hacker News

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

KadNap botnet infects 14,000+ routers using DHT-based P2P control while ClipXDaemon hijacks crypto wallets on Linux X11.
Fudzilla

Dutch coppers pull Grum botnet servers

Dutch coppers have pulled the plug on the Grum botnet just a week after the servers were identified by malware intelligence firm FireEye. The speedy removal of the servers shines light on how quickly ...
SiliconANGLE

Botnets leverage decade-old D-Link vulnerabilities in new attack campaigns

A new report out today from Fortinet Inc.’s FortiGuard Labs details the activities of two different botnets observed through October and November that are being spread through vulnerabilities in ...
Bleeping Computer

MikroTik botnet uses misconfigured SPF DNS records to spread malware

A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. The ...
Dark Reading

400K Linux Servers Recruited by Resurrected Ebury Botnet

A Linux-based botnet is alive and well, powering cryptocurrency theft and financial scams years after the imprisonment of one the key perpetrators behind it. The Ebury botnet — which was first ...
Security Boulevard

How Threat Actors Turned OpenClaw Into a Scraping Botnet

How did OpenClaw become botnet infrastructure so quickly? DataDome analyzes the hijacked AI agents scraping sites at scale ...
CSOonline

Mirai-based NoaBot botnet deploys cryptominer on Linux servers

A new botnet has been slowly growing over the past year by brute-forcing SSH logins and deploying cryptomining malware on Linux servers. The main bot client is based on the old Mirai worm whose source ...
SiliconANGLE

New Mirai variant ‘Murdoc_Botnet’ targets AVTECH cameras and Huawei routers

Researchers at cybersecurity software provider Qualys Inc. are warning of a new Mirai botnet variant that’s being used to target vulnerabilities in AVTECH Cameras and Huawei HG523 routers. The variant ...
InfoWorld

Grum botnet takedown puts spam on the run

Security firm FireEye helps bring down the world's third-largest spam botnet, and its spam drops from a deluge down to a trickle One down, two more to go? On Wednesday a Russian Internet service ...
WeLiveSecurity

Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and ...

Ten years ago we raised awareness of Ebury by publishing a white paper we called Operation Windigo, which documented a campaign that leveraged Linux malware for financial gain. Today we publish a ...