NetNut cracked as Google and FBI target 2 million-device botnet
Other residential proxy brands may rely on the same network
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Other residential proxy brands may rely on the same network
The NetNut proxy network and the ‘Popa’ botnet are known to have infected devices with variants of Mirai DDoS botnets
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly two weeks after KrebsOnSecurity published findings from multiple security firms connecting NetNut to the Popa botnet, a collection of at least two million devices that have been compromised by malicious software with little or no consent from victims.
The cybercriminals in control of Kimwolf -- a disruptive botnet that has infected more than 2 million devices -- recently shared a screenshot indicating they'd compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes. Both the FBI and Google say they are hunting for the people behind Badbox 2.0, and thanks to bragging by the Kimwolf botmasters we may now have a much clearer idea about that.
The FBI says mainly Chinese-made IoT devices pose a threat from Badbox 2.0 malware
Over 1 Million Infected Off-Brand Android Devices Pose Global Fraud RiskA China-based botnet operation called BADBOX 2.0 has infected more than 1 million off-brand Android smart devices globally. In an alert, the FBI advised consumers to check their home networks for suspicious activity that could be linked to multiple fraud schemes.
Though the operation was partially disrupted earlier this year, the botnet remains active and continues to target connected Android devices.
The FBI also issued a list of end-of-life routers you need to replace Earlier this week, the FBI urged folks to bin aging routers vulnerable to hijacking, citing ongoing attacks linked to TheMoon malware. In a related move, the US Department of Justice unsealed indictments against four foreign nationals accused of running a long-running proxy-for-hire network that exploited outdated routers to funnel criminal traffic.…
Also, BianLian Ransomware Hackers Aren't Really Mailing YouThis week, the U.S. sanctioned the Nemesis admin, Poco RAT spotted in Latin America, Apple challenged a British order to weaken encryption and the FBI warned against scam letters purportedly from BianLian. Also, a Nigerian tax scammer extradited to the U.S., a new botnet and a Webex vulnerability.
The Chinese state-sponsored hacking group Volt Typhoon has begun to rebuild its "KV-Botnet" malware botnet after it was disrupted by law enforcement in January, according to researchers from SecurityScorecard. [...]
Once a user's device is infected as part of an ongoing Flax Typhoon APT campaign, the malware connects it to a botnet called Raptor Train, initiating malicious activity.
Global Botnet's Victims Are in United States, Germany, Romania and Hong KongFBI Director Christopher Wray said Wednesday the bureau seized control of a Chinese-developed botnet that maintained access to thousands of compromised devices across the globe as part of an effort to launch widespread disruptive cyberattacks. The botnet is a Mirai variant.
Plus: Wray tells how bureau helps certain victims negotiate with ransomware crooks China-backed spies are said to have tore down their own 260,000-device botnet after the FBI and its international pals went after them.…
The FBI and cybersecurity researchers have disrupted a massive Chinese botnet called "Raptor Train" that infected over 260,000 networking devices to target critical infrastructure in the US and in other countries. [...]
DoJ says 911 S5 crew earned $100M from 19 million PCs pwned by fake VPNs US authorities have arrested the alleged administrator of what FBI director Christopher Wray has described as "likely the world's largest botnet ever," comprising 19 million compromised Windows machines used by its operators to reap millions of dollars over the last decade.…
The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called "likely the world's largest botnet ever." The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various "free VPN" products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime.
US-Led Operation Disrupts 911 S5 Botnet in Global CrackdownFBI Director Christopher Wray said the U.S. led an internationally coordinated effort to disrupt and dismantle what may be one of the world's largest malicious botnet services, which had accrued 19 million IP addresses by the time it was taken down and its primary administrator was arrested in May.
The FBI took down a botnet of small office/home office (SOHO) routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) to proxy malicious traffic and to target the United States and its allies in spearphishing and credential theft attacks. [...]
The FBI took down a botnet of small office/home office (SOHO) routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) in spearphishing and credential theft attacks targeting the United States and its allies. [...]
Never mind the court orders obtained to thwart Volt Typhoon botnet Analysis The FBI's latest PR salvo, as it fights to preserve its warrantless snooping powers on Americans via FISA Section 702, is more big talk of cyberattacks by the Chinese government.…