FBI, Google Take Down NetNut Proxy Network Used by Cyber Threat Actors
The NetNut proxy network and the ‘Popa’ botnet are known to have infected devices with variants of Mirai DDoS botnets
Infection refers to malware entering a device or network, enabling unauthorized access, data theft, disruption, or further compromise.
Search across headline titles and summaries.
Background for this topic.
A malware infection occurs when malicious code executes on a device or enters an environment, enabling unauthorized actions such as persistence, data theft, encryption, or further compromise. The term commonly covers viruses, worms, trojans, spyware, and similar malware; an infection may begin through a malicious attachment, exploit, drive-by download, removable media, or stolen credentials. Its effects depend on the malware and the privileges of the affected account, and an infected host does not necessarily spread automatically.
For security practitioners, the key concerns are identifying affected hosts, determining the initial access and scope, and preventing lateral movement. Useful controls include timely vulnerability remediation, email and web filtering, application controls, least-privilege accounts, and endpoint monitoring for unusual processes, persistence, or network connections. When infection is suspected, isolate the system without destroying evidence, investigate related accounts and devices, revoke exposed credentials, remove or rebuild the malware, and validate that restored systems are clean.
Weekly headline count for the current query.
The NetNut proxy network and the ‘Popa’ botnet are known to have infected devices with variants of Mirai DDoS botnets
OysterLoader malware evolves into 2026, refining C2 infrastructure, obfuscation & infection stages
SystemBC malware linked to 10,000 infected IPs, posing risks to sensitive government infrastructure
SHADOW#REACTOR is a multi-stage Windows malware campaign that stealthily deploys the Remcos RAT using complex infection techniques
Infected 4.3 million Chrome and Edge users via extensions; ShadyPanda exploited browser marketplaces
A new version of the Shai-Hulud worm has infected hundreds of npm packages and caused disruption to global CI/CD workflows
Morphisec has observed a new operation embedding StealC V2 malware in Blender project files, targeting users via 3D assets and launching a multi-stage infection chain
The ongoing ‘PhantomRaven’ malicious campaign has infected 126 npm packages to date, representing 86,000 downloads
New Android malware Qwizzserial has infected 100,000 devices, primarily in Uzbekistan, stealing SMS data via Telegram distribution
This is the first forensic evidence that journalists’ devices have been infected with Paragon’s Graphite spyware
The criminal proxy network infected thousands of IoT and end-of-life devices, creating dangerous botnet
VanHelsingRaaS, a new ransomware-as-a-service program, infected three victims within two weeks of release, demanding ransoms of $500,000
A new phishing campaign has been identified using Havoc to control infected systems, leveraging SharePoint and Microsoft Graph API
A new Snake Keylogger variant, responsible for over 280 million blocked infection attempts worldwide, has been identified targeting Windows users
Jscambler claims at least 17 sites have been infected with web skimmers, including Casio’s
CERT-UA has warned that a mass phishing campaign impersonating Ukraine’s Security Services has infected more than 100 government devices
Mandiant’s latest M-Trends report found that vulnerability exploitation was the most common initial infection vector in 2023, making up 38% of intrusions
Kaspersky said cybercriminals harvested 50.9 login credentials per infected device in 2023
Proofpoint found that 69% of organizations experienced a successful ransomware incident in the past year, with 60% hit on four or more occasions
IBM found Gootloader group opting for GootBot over off-the-shelf tools for lateral movement