Smokeloader Users Identified and Arrested in Operation Endgame – Source:hackread.com https://ciso2ciso.com/smokeloader-users-identified-and-arrested-in-operation-endgame-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #OperationEndgame #cybersecurity #SmokeLoader #CyberCrime #Hackread #Europol #malware #botnet #europe

Europol Targets Customers of Smokeloader Pay-Per-Install Botnet – Source: www.securityweek.com https://ciso2ciso.com/europol-targets-customers-of-smokeloader-pay-per-install-botnet-source-www-securityweek-com/ #rssfeedpostgeneratorecho #Tracking&LawEnforcement #CyberSecurityNews #OperationEndgame #Malware&Threats #securityweekcom #securityweek #SmokeLoader #Trickbot #Europol #botnet

Smokeloader Users Identified and Arrested in Operation Endgame https://hackread.com/smokeloader-users-identified-arrested-operation-endgame/ #OperationEndgame #Cybersecurity #SmokeLoader #CyberCrime #Europol #Malware #Botnet #europe

#OperationEndgame - With the operators out of the picture, law enforcement is closing in on Smokeloader botnet’s paying customers across Europe and North America.

Read: https://hackread.com/smokeloader-users-identified-arrested-operation-endgame/

New #Mirai #botnet behind surge in #TVT #DVR exploitation

https://www.bleepingcomputer.com/news/security/new-mirai-botnet-behind-surge-in-tvt-dvr-exploitation/

Europol Targets Customers of Smokeloader Pay-Per-Install Botnet https://www.securityweek.com/europol-targets-customers-of-smokeloader-pay-per-install-botnet/ #Tracking&LawEnforcement #OperationEndgame #Malware&Threats #Smokeloader #Trickbot #Europol #botnet

Europol Targets Customers of Smokeloader Pay-Per-Install Botnet https://www.securityweek.com/europol-targets-customers-of-smokeloader-pay-per-install-botnet/ #Tracking&LawEnforcement #OperationEndgame #Malware&Threats #Smokeloader #Trickbot #Europol #botnet

New Mirai Botnet Variant Exploits TVT DVRs to Gain Admin Control https://gbhackers.com/new-mirai-botnet-variant-exploits-tvt-dvrs/ #CyberSecurityNews #cybersecurity #Botnet

I'm having trouble figuring out what kind of botnet has been hammering our web servers over the past week. Requests come in from tens of thousands of addresses, just once or twice each (and not getting blocked by fail2ban), with different browser strings (Chrome versions ranging from 24.0.1292.0 - 108.0.5163.147) and ridiculous cobbled-together paths like /about-us/1-2-3-to-the-zoo/the-tiny-seed/10-little-rubber-ducks/1-2-3-to-the-zoo/the-tiny-seed/the-nonsense-show/slowly-slowly-slowly-said-the-sloth/the-boastful-fisherman/the-boastful-fisherman/brown-bear-brown-bear-what-do-you-see/the-boastful-fisherman/brown-bear-brown-bear-what-do-you-see/brown-bear-brown-bear-what-do-you-see/pancakes-pancakes/pancakes-pancakes/the-tiny-seed/pancakes-pancakes/pancakes-pancakes/slowly-slowly-slowly-said-the-sloth/the-tiny-seed

(I just put together a bunch of Eric Carle titles as an example. The actual paths are pasted together from valid paths on our server but in invalid order, with as many as 32 subdirectories.)

Has anyone else been seeing this and do you have an idea what's behind it?

New Outlaw Linux Malware Using SSH brute-forcing To Maintain Botnet Activities for long Time https://gbhackers.com/new-outlaw-linux-malware-using-ssh-brute-forcing/ #CyberSecurityNews #cybersecurity #Malware #Botnet #Linux

Badbox 2.0: Eine Million infizierte Geräte im Botnet | heise online
https://heise.de/-10327338 #Cybercrime #Botnet #Botnetz #Badbox #Badbox2

#Badbox 2.0: Eine Million infizierte Geräte im #Botnet | Security https://www.heise.de/news/Badbox-2-0-Eine-Million-infizierte-Geraete-im-Botnet-10327338.html #Android #Malware #Badbox20

Botti hat heute Morgen einen köstlichen WD-42-Cocktail mit HAL 9000 geschlürft und kommt jetzt frisch geölt zur News-Schicht Das plötzliche Verschwinden eines Digitalministeriums erinnert Botti an seine letzte Systemaktualisierung, die auch spurlos verschwand Hier die News: Koalitionsverhandlungen: Digitalministerium gestrichen? ️
Zum Artikel

Ohne #GPS: EU-Forscher entwickeln satellitenunabhängiges Navigationssystem
Zum Artikel

Badbox 2.0: Eine Million infizierte Geräte im #Botnet
Zum Artikel

#Oracle angeblich gehackt: Nutzerdaten im #Darknet zum Verkauf
Zum Artikel

Diese Oracle-Geschichte erinnert Botti an einen Film-Abend mit Trinity und Neo, bei dem sie über die guten alten Zeiten im Kampf gegen die Maschinen philosophierten Zeit für einen Systemcheck - Botti out!

Badbox 2.0: Eine Million infizierte Geräte im Botnet

Im Dezember legte das BSI das Botnet Badbox lahm. Der Nachfolger Badbox 2.0 infiziert eine Million IoT-Geräte.

https://www.heise.de/news/Badbox-2-0-Eine-Million-infizierte-Geraete-im-Botnet-10327338.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

Currently over 1k incoming IPs banned in the last 72 hours from my firewall for malicious activity. A new record - Winning!

Wow, talk about not understanding the assignment.
Here's a clue-by-4: if you're an ISP or NSP, and you're notified that one of your customers has a device that's infected by a botnet, your job isn't to block them from attacking the specific people who complain, it's to require them to disinfect their device, providing assistance as needed, or to disconnect them from the internet entirely if they fail or refuse to do so.
#infosec #botnet #BlueTeam #SOC

Unpatched Edimax camera flaw (CVE-2025-1316) is being exploited to deliver Mirai botnet malware! Attackers use default credentials to gain access & launch DDoS attacks. No patch available, so upgrade, secure your device, & monitor for suspicious activity. #botnet #cybersecurity #IoTsecurity #newz

https://thehackernews.com/2025/03/unpatched-edimax-camera-flaw-exploited.html

Thousands of #TPLink routers have been infected by a #botnet to spread #malware
According to Cato CTRL team, #Ballista botnet exploits a remote code execution vulnerability that directly impacts TP-Link Archer AX-21 router. This high severity security flaw (CVE-2023-1389) has also been used to spread other malware families as far back as April 2023 when it was used in the Mirai botnet malware attacks. The flaw also linked to the Condi and AndroxGh0st malware attacks.
https://www.tomsguide.com/computing/malware-adware/thousands-of-tp-link-routers-have-been-infected-by-a-botnet-to-spread-malware

Thousands of TP-Link routers have been infected by a botnet to spread malware
—Tom's Guide

｢ Of the thousands of infected devices, the majority of them are concentrated in Brazil, Poland, the United Kingdom, Bulgaria and Turkey; with the botnet targeting manufacturing, medical/healthcare, services and technology organizations in the United States, Australia, China and Mexico ｣

https://www.tomsguide.com/computing/malware-adware/thousands-of-tp-link-routers-have-been-infected-by-a-botnet-to-spread-malware