Lax Security Fuels Massive 8220 Gang Botnet Army Surge
The threat group 8220 Gang's cryptocurrency miner and botnet reach has exploded to 30,000 global hosts, a notable increase over the past month, researchers say.
Stay informed on botnet trends, attacks, and defenses. Get the latest updates and expert insights on botnet threats in information security.
Search across headline titles and summaries.
Background for this topic.
A botnet is a network of compromised internet-connected devices controlled remotely by an attacker through malware. These devices, known as bots, receive commands from centralized or decentralized command-and-control (C2) servers to perform coordinated actions such as launching Distributed Denial of Service (DDoS) attacks, sending spam, or distributing additional malware. Botnets vary in size and complexity, often leveraging vulnerabilities in devices or weak authentication to propagate.
In information security, botnets pose significant risks including large-scale service disruptions from DDoS attacks and the unauthorized use of infected devices for malicious activities. Detecting botnet activity involves monitoring network traffic for unusual patterns and identifying communication with known C2 infrastructure. Effective defense includes timely patching of vulnerable systems, blocking C2 domains or IPs based on threat intelligence, and isolating infected hosts to prevent further spread or damage. Coordinated efforts to disrupt botnet infrastructure can reduce their operational impact.
The threat group 8220 Gang's cryptocurrency miner and botnet reach has exploded to 30,000 global hosts, a notable increase over the past month, researchers say.
The 8220 cryptomining group has expanded in size to encompass as many as 30,000 infected hosts, up from 2,000 hosts globally in mid-2021
A cryptomining gang known as 8220 Gang has been exploiting Linux and cloud app vulnerabilities to grow their botnet to more than 30,000 infected hosts. [...]
Can't get into that machine? No problem, just trust this completely sketchy looking tool Industrial engineers and operators are being lured into running backdoor malware disguised as tools for recovering access to work systems.…
Industrial engineers and operators are the target of a new campaign that leverages password cracking software to seize control of Programmable Logic Controllers (PLCs) and co-opt the machines to a botnet