A Europol-headed law enforcement operation has put a serious dent in the dropper malware ecosystem, disrupting the botnets that these dropper systems rely on to function, with over 100 servers and 2,000 domains impacted across about a dozen countries.
The long-running Qakbot malware botnet was disrupted by international law enforcement action in August, but its operators appear to still have some capability and are continuing to run spam email campaigns that attempt to pass ransomware.
The operation disrupted Russian GRU control over infected devices by removing Cyclops Blink botnet malware from the infected WatchGuard Firebox devices used as command-and-control (C2) servers.
A pernicious botnet used for cryptojacking has taken a major blow thanks to Google. Glupteba has been operating for some months and was thought to be compromising thousands of people per day at its peak.
A botnet discovered by Chinese researchers introduced a backdoor and a web shell on compromised AT&T VoIP servers, mostly in the US, for DDoS attacks and data exfiltration.
Yandex warded off the largest DDoS attack in history, recorded at 22 million requests per second and attributed to a new botnet, Meris, that exploits MikroTik devices.
The US Cyber Command is expecting the TrickBot botnet to be involved in election interference attempts, and is actively running persistent operations against it along with Microsoft.
The rapidly evolving botnet Dark Nexus is threatening IoT security as the dependency on connected devices grows with remote working during the COVID-19 pandemic.
Stolen documents from Russia’s FSB indicate that the country is building an IoT botnet capable of gigantic DDoS attacks by rounding up millions of poorly secured devices.
Learn about the top five attacks that use malicious bots and find out how organizations can keep the harmful automated traffic out of their companies' sites and away from their customers.