botnet Archives - Gridinsoft Blogs

Security News

20 Dangerous Types of Cybersecurity Threats 2022

ByStephanie AdlamApril 27, 2022

The cybersecurity threats in 2022 are more considerable than ever. Due to the emergence of efficient ransomware, coin miners, spyware, and so on, hacking has become a consistently profitable business. Knowing about cybersecurity threats is crucial because it livens up the

Security News

Shuckworm hackers attack Ukrainian organizations with new variant of Pteredo backdoor

ByVladimir KrasnogolovyApril 20, 2022

Specialists from the cybersecurity company Symantec reported attacks by the cybercriminal group Shuckworm (Armageddon or Gamaredon) on Ukrainian organizations using a new version of the Pteredo (Pteranodon) custom backdoor. The group, linked by experts to Russia, has been

Security News

Emotet now installs Cobalt Strike beacons

ByVladimir KrasnogolovyDecember 9, 2021

The researchers warn that Emotet now directly installs Cobalt Strike beacons on infected systems, providing immediate access to the network for attackers. Those can use it for lateral movement, which will greatly facilitate extortion attacks. Let me remind you that usually

Security News

Google Stops Glupteba Botnet and Sues Two Russians

ByVladimir KrasnogolovyDecember 8, 2021

Google representatives said that they stopped the work of the Glupteba botnet: they deleted the accounts, and also disabled the servers and domains associated with it. In addition, the company has filed a lawsuit against the Russians Dmitry Starovikov and Alexander Filippov,

Security News

Previously assessed as insignificant, DirtyMoe botnet infected over 100,000 Windows systems

ByVladimir KrasnogolovyJune 23, 2021

The developers of the DirtyMoe botnet (which was assessed as insignificant) added to it a worm-like spreading module, after which the malware infected more than 100,000 Windows systems. The DirtyMoe botnet which allegedly runs from China, has grown exponentially over the

Security News

TeamTNT mining botnet infected over 50,000 systems in three months

ByVladimir KrasnogolovyJune 2, 2021

Trend Micro warns that since March 2021, the TeamTNT mining botnet from the same-named group has successfully compromised more than 50,000 systems. The TeamTNT group has been active since at least April 2020 and started with attacks on incorrectly configured Docker

Security News

Prometei botnet attacks vulnerable Microsoft Exchange servers

ByVladimir KrasnogolovyApril 23, 2021

Since the patches for ProxyLogon problems were still not installed, cybercriminals continue their activity, for example, the updated Prometei botnet attacks vulnerable Microsoft Exchange servers. Researchers from Cybereason Nocturnus discovered Prometei malware, which mines

Security News

DreamBus botnet attacks corporate applications on Linux servers

ByVladimir KrasnogolovyJanuary 28, 2021

Zscaler analysts reported about the new DreamBus botnet that attacks corporate applications on Linux servers. It is a variation of the SystemdMiner malware that appeared back in 2019. DreamBus has received a number of improvements over SystemdMiner. For example, the botnet

Security News

PgMiner botnet attacks poorly protected PostgreSQL DBs

ByVladimir KrasnogolovyDecember 14, 2020

Palo Alto Networks has discovered the PgMiner botnet, which attacks and breaks into poorly protected PostgreSQL DBs in order to install miners. A new Linux-based cryptocurrency mining botnet exploits PostgreSQL’s Remote Code Execution (RCE) vulnerability, which

Security News

KashmirBlack botnet is behind attacks on popular CMS including WordPress, Joomla and Drupal

ByVladimir KrasnogolovyOctober 27, 2020

Researchers from Imperva have found that the KashmirBlack botnet, active since the end of 2019, is behind attacks on hundreds of thousands of websites powered by popular CMS, including WordPress, Joomla, PrestaShop, Magneto, Drupal, vBulletin, osCommerce, OpenCart and