Retail faces continued threat from IoT botnets

A new report from Netskope Threat Labs sheds light on the major cloud threats targeting the retail industry over the past year. The key malware families deployed by attackers were IoT botnets like Mirai, remote access tools, and infostealers aimed at stealing customer payment data and credentials.

Paolo Passeri, Cyber Intelligence Principal at Netskope, said: “It’s surprising that the retail sector still finds itself specifically targeted with botnets like Mirai as attackers...

US disrupts botnet used by Russia-linked APT28 threat group

The US government has disrupted a network of routers that were being used by the Russia-linked threat group APT28 to conceal malicious cyber activities. 

"These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence interest to the Russian government, such as US and foreign governments and military, security, and corporate organisations," said the US Department of Justice (DoJ) in a statement.

APT28, tracked by...

‘Pandoraspear’ botnet hijacks smart TVs and boxes

Cybercrime syndicate Bigpanzi stands accused of orchestrating a massive Distributed Denial of Service (DDoS) botnet named 'Pandoraspear'.

Pandoraspear has reportedly infected potentially millions of smart TVs and set-top boxes, with at least 170,000 bots actively running during the campaign's peak.

The infection mechanism primarily targets Android-based smart TVs and streaming hardware, exploiting users who visit dubious streaming sites on their smartphones. Upon...

Mirai variant ‘Beastmode’ exploits fresh vulnerabilities

A variant of the Mirai botnet called Beastmode has been observed exploiting recently-discovered vulnerabilities.

The Mirai botnet is composed primarily of IoT and embedded devices. In 2016, Mirai made national headlines when it used exploited connected devices to overwhelm several high-profile targets with record-setting Distributed Denial-of-Service (DDoS) attacks.

Mirai’s original creator was arrested in the fall of 2018 but variants have continued to emerge which...

Researchers discover another Mirai variant targeting new IoT vulnerabilities

Security researchers from Palo Alto Networks have discovered another Mirai variant that is targeting new IoT vulnerabilities.

Researchers from Unit 42, the cybersecurity division of Palo Alto Networks, discovered a number of attacks on Feb 16th, 2021 that leveraged vulnerabilities including:

VisualDoor (a SonicWall SSL-VPN exploit).CVE-2020-25506 (a D-Link DNS-320 firewall exploit).CVE-2020-26919 (a Netgear ProSAFE Plus exploit).Possibly CVE-2019-19356 (a Netis WF2419...

Netlab researchers discover IoT botnets HEH and Ttint

Security researchers from Netlab have discovered two new IoT botnets called HEH and Ttint.

Netlab is the network research division of Chinese cybersecurity giant Qihoo 360. The company’s researchers first spotted the Ttint botnet targeting Tenda routers using two zero-day vulnerabilities.

Ttint spreads a remote control trojan based on code from the Mirai malware.

Mirai caused widespread chaos in 2016 when it hit DNS provider Dyn and impacted popular services...