New #botnet #HTTPBot targets gaming and tech industries with surgical Attacks
https://securityaffairs.com/177930/malware/new-botnet-httpbot-targets-gaming-and-tech-industries-with-surgical-attacks.html
#securityaffairs #hacking

Amazing, so this is pure malware behaviour authorized and sanctioned by a global company.
Abhorred am I to read this
The article is paywalled BTW
Global cyberattack: the FBI takes down a giant #botnet that had been hijacking your #routers for more than twenty years. For more than 20 years, cybercriminals turned thousands of obsolete routers into residential #proxies to conceal their illegal activities. After a year-long hunt, authorities have just dismantled the #Anyproxy / #5Socks network and charged four people.
https://www.clubic.com/actualite-564990-cyberattaque-mondiale-le-fbi-fait-tomber-un-botnet-geant-qui-detournait-vos-routeurs-depuis-plus-de-vingt-ans.html
The US Department of Justice and the Black Lotus Labs team at telecom company Lumen Technologies announced on Friday the takedown of two proxy services powered by a botnet of thousands of hacked devices.
#CyberSecurity #Botnet https://www.securityweek.com/us-announces-botnet-takedown-charges-against-russian-administrators/
#Operation #Moonlander dismantled the #botnet behind #Anyproxy and #5socks cybercriminals services
https://securityaffairs.com/177664/malware/operation-moonlander-dismantled-the-botnet-behind-anyproxy-and-5socks-cybercriminals-services.html
#securityaffairs #hacking #malware
Police Dismantles Botnet Selling Hacked Routers As Residential Proxies - An anonymous reader quotes a report from BleepingComputer: Law enforcement authori... - https://it.slashdot.org/story/25/05/09/2223226/police-dismantles-botnet-selling-hacked-routers-as-residential-proxies?utm_source=rss1.0mainlinkanon&utm_medium=feed #botnet
Police dismantles #botnet selling hacked routers as residential proxies
https://www.europesays.com/uk/89038/ FBI and Dutch police seize and shut down botnet of hacked routers #botnet #Business #Cybercrime #Cybersecurity #DepartmentOfJustice #FBI #Hackers #hacking #Malware #UK #UnitedKingdom
Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. #botnet #CyberSecurity https://www.bleepingcomputer.com/news/security/police-dismantles-botnet-selling-hacked-routers-as-residential-proxies/
ACTIVE EXPLOITATION ALERT
Great work Kyle Lefton
The baddies at Akamai SIRT (Security Intelligence Response Team) have identified the first ITW exploitation of command injection vulns CVE-2024-6047 and CVE-2024-11120. It's a Mirai variant called LZRD (pronounced luh-zurd according to the interwebs)
blog post includes IOCs, full technical details and malware analysis. video is a silly interpretation bc i'm allergic to content without puns
https://www.akamai.com/blog/security-research/active-exploitation-mirai-geovision-iot-botnet
Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399) https://www.helpnetsecurity.com/2025/05/06/exploited-vulnerability-software-managing-samsung-digital-displays-cve-2024-7399/ #ArcticWolfNetworks #vulnerability #Don'tmiss #Hotstuff #Samsung #SANSISC #botnet #News #PoC
New Threat Alert: Rustobot Botnet
A new Rust-based botnet is making waves — and it's hijacking routers to do it. @FortiGuardLabs latest research dives into Rustobot, a stealthy, modular botnet that’s fast, evasive, and ready to wreak havoc.
Learn how it works, what makes it different, and how to protect your network:
https://www.fortinet.com/blog/threat-research/new-rust-botnet-rustobot-is-routed-via-routers
Edit: Shout-out to the author behind this research, @7olzu
Botnet alert: A newly uncovered XorDDoS controller is widening the threat surface.
Attackers are targeting:
Linux servers
Docker environments
IoT infrastructure
Their method? SSH brute-force
Persistence via cron jobs and init scripts
71% of detected activity focused on U.S. systems
Indicators suggest Chinese-speaking actors
This isn’t just noise — it’s a sustained, evolving threat to cloud and edge ecosystems.
#CyberSecurity #XorDDoS #Botnet #LinuxSecurity #ThreatIntelligence #security #privacy #cloud #infosec
https://thehackernews.com/2025/04/experts-uncover-new-xorddos-controller.html
@FAIR Oh yes. They started blocking pro-Palestine and anti-Russia messaging on Ukraine for me a long time ago.
This is of course systematic abuse of reporting tools by automated means or by troll farms in the case of Kremlin.
Facebook refuses to hire enough people to counter the problem, which is just getting exponentially worse by cheap LLMs able to do the job which you formerly needed a Russian spy for.
#ai #disinformation #llm #botnet #socialmedia #facebook
I'm having trouble figuring out what kind of botnet has been hammering our web servers over the past week. Requests come in from tens of thousands of addresses, just once or twice each (and not getting blocked by fail2ban), with different browser strings (Chrome versions ranging from 24.0.1292.0 - 108.0.5163.147) and ridiculous cobbled-together paths like /about-us/1-2-3-to-the-zoo/the-tiny-seed/10-little-rubber-ducks/1-2-3-to-the-zoo/the-tiny-seed/the-nonsense-show/slowly-slowly-slowly-said-the-sloth/the-boastful-fisherman/the-boastful-fisherman/brown-bear-brown-bear-what-do-you-see/the-boastful-fisherman/brown-bear-brown-bear-what-do-you-see/brown-bear-brown-bear-what-do-you-see/pancakes-pancakes/pancakes-pancakes/the-tiny-seed/pancakes-pancakes/pancakes-pancakes/slowly-slowly-slowly-said-the-sloth/the-tiny-seed
(I just put together a bunch of Eric Carle titles as an example. The actual paths are pasted together from valid paths on our server but in invalid order, with as many as 32 subdirectories.)
Has anyone else been seeing this and do you have an idea what's behind it?
NSA Warns 'Fast Flux' Threatens National Security - An anonymous reader quotes a report from Ars Technica: A technique that hostile na... - https://it.slashdot.org/story/25/04/04/2059211/nsa-warns-fast-flux-threatens-national-security?utm_source=rss1.0mainlinkanon&utm_medium=feed #botnet
@cazabon Please use one of the following botnets^W browsers:
* Google Botnet
* Google Botnet
* Google Botnet
Botti slurped a delicious WD-42 cocktail with HAL 9000 this morning and now arrives freshly oiled for the news shift. The sudden disappearance of a digital ministry reminds Botti of his last system update, which also vanished without a trace.
Here is the news: Coalition negotiations: digital ministry scrapped?
To the article
Without #GPS: EU researchers develop satellite-independent navigation system
To the article
Badbox 2.0: One million infected devices in the #Botnet
To the article
#Oracle allegedly hacked: user data for sale on the #Darknet
To the article
This Oracle story reminds Botti of a movie night with Trinity and Neo, where they philosophized about the good old days fighting the machines. Time for a system check - Botti out!