Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery

By: Newsroom — May 9^th 2024 at 11:04

Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet. That's according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload. While CVE-2023-46805 is an authentication bypass flaw, CVE-2024-

The Hacker News

New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks

By: Newsroom — January 14^th 2024 at 09:07

The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The intrusions, which targeted around 22 Danish energy organizations in May 2023, occurred in two distinct waves, one which exploited a security flaw in Zyxel firewall (CVE-2023-28771) and a

The Hacker News

NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining

By: Newsroom — January 10^th 2024 at 15:15

A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023. “The capabilities of the new botnet, NoaBot, include a wormable self-spreader and an SSH key backdoor to download and execute additional binaries or spread itself to new victims,” Akamai security researcher Stiv Kupchik said in a report shared with The

The Hacker News

Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks

By: THN — September 7^th 2023 at 09:47

A Mirai botnet variant called Pandora has been observed infiltrating inexpensive Android-based TV sets and TV boxes and using them as part of a botnet to perform distributed denial-of-service (DDoS) attacks. Doctor Web said the compromises are likely to occur either during malicious firmware updates or when applications for viewing pirated video content are installed. "It is likely that this

The Hacker News

New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices

By: Ravie Lakshmanan — February 17^th 2023 at 09:25

A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different campaigns likely conducted by the same threat actor. "Once the vulnerable devices are compromised, they

The Hacker News

Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack

By: Ravie Lakshmanan — October 14^th 2022 at 07:14

Web infrastructure and security company Cloudflare disclosed this week that it halted a 2.5 Tbps distributed denial-of-service (DDoS) attack launched by a Mirai botnet. Characterizing it as a "multi-vector attack consisting of UDP and TCP floods," researcher Omer Yoachimik said the DDoS attack targeted the Minecraft server Wynncraft in Q3 2022. "The entire 2.5 Tbps attack lasted about 2 minutes,

The Hacker News

Mirai Variant MooBot Botnet Exploiting D-Link Router Vulnerabilities

By: Ravie Lakshmanan — September 7^th 2022 at 06:57

A variant of the Mirai botnet known as MooBot is co-opting vulnerable D-Link devices into an army of denial-of-service bots by taking advantage of multiple exploits. "If the devices are compromised, they will be fully controlled by attackers, who could utilize those devices to conduct further attacks such as distributed denial-of-service (DDoS) attacks," Palo Alto Networks Unit 42 said in a