Zerobot Botnet Devs Add New Functionality
Latest iteration exploits Apache vulnerabilities
Stay informed on botnet trends, attacks, and defenses. Get the latest updates and expert insights on botnet threats in information security.
Search across headline titles and summaries.
Background for this topic.
A botnet is a network of compromised internet-connected devices controlled remotely by an attacker through malware. These devices, known as bots, receive commands from centralized or decentralized command-and-control (C2) servers to perform coordinated actions such as launching Distributed Denial of Service (DDoS) attacks, sending spam, or distributing additional malware. Botnets vary in size and complexity, often leveraging vulnerabilities in devices or weak authentication to propagate.
In information security, botnets pose significant risks including large-scale service disruptions from DDoS attacks and the unauthorized use of infected devices for malicious activities. Detecting botnet activity involves monitoring network traffic for unusual patterns and identifying communication with known C2 infrastructure. Effective defense includes timely patching of vulnerable systems, blocking C2 domains or IPs based on threat intelligence, and isolating infected hosts to prevent further spread or damage. Coordinated efforts to disrupt botnet infrastructure can reduce their operational impact.
Latest iteration exploits Apache vulnerabilities
We analyze the latest changes in IcedID botnet from a campaign that abuses Google pay per click (PPC) ads to distribute IcedID via malvertising attacks.
Upgraded threat, time to patch The Zerobot botnet, first detected earlier this month, is expanding the types of Internet of Things (IoT) devices it can compromise by going after Apache systems.…
Threat actors continue to evolve the malicious botnet, which has also added a list of new vulnerabilities it can use to target devices.
The Zerobot DDoS botnet has received substantial updates that expand on its ability to target more internet-connected devices and scale its network
The Zerobot botnet has been upgraded to infect new devices by exploiting security vulnerabilities affecting Internet-exposed and unpatched Apache servers. [...]
An ongoing analysis of the KmsdBot botnet has raised the possibility that it's a DDoS-for-hire service offered to other threat actors
The operators of the Glupteba botnet resurfaced in June 2022 as part of a renewed and "upscaled" campaign, months after Google disrupted the malicious activity