Skip to main content

Tag: botnet

65 articles

Dimly lit server room with rows of racked servers and networking gear.

NadMesh Botnet Targets Exposed AI Services for Cloud Credentials

Meet NadMesh, a sneaky botnet on the hunt for cloud credentials, with its operators claiming to have already amassed 3,811 unique AWS keys; but is its reported success just a facade?

Analyst 207
Dimly lit server room with rows of computer servers and networking equipment in disarray.

Cloud Worm CAI Disrupts Rivals, Steals Secrets and Mines Crypto

Meet CAI, a malicious botnet that's disrupting rival operations, swiping sensitive secrets, and mining cryptocurrency - all while eliminating competing malware to maintain its grip on compromised targets. This centralized worm is a powerhouse of credential theft and cryptomining, making it a force to be reckoned with.

Analyst 207
Living room entertainment center with smart TV, streaming box, and network equipment in background.

Google Disrupts NetNut Residential Proxy Botnet

Google teamed up with the FBI, Lumen, and other partners to take down the NetNut residential proxy network, disabling key Google accounts and services used by the threat actors to control malware. This move helps keep everyday devices and systems safe from being exploited as footholds for attacks.

Analyst 207
Smart devices like TVs and streaming boxes scattered in a brightly-lit living room.

Google Disrupts NetNut Residential Proxy Network

Google's Threat Intelligence Group has disrupted NetNut, a massive residential proxy network controlling at least 2 million infected devices worldwide, including smart TVs and streaming boxes. This botnet, powered by trojanized apps and malicious software like Badbox 2.0, was used for cybercrime and espionage activities.

Analyst 207
Home network setup with disrupted connections and erratic router lights.

FBI and Google Disrupt NetNut Proxy Network Used by Cyber Threat Actors

In a major win for cybersecurity, the FBI and Google have joined forces to dismantle the notorious NetNut proxy network, a go-to tool for cyber threat actors. This disruption has significantly reduced the network's capacity, cutting the available pool of devices by millions.

Analyst 207
Law enforcement officials surround a computer server setup in a secure facility.

FBI Disrupts NetNut Proxy Platform Tied to Popa Botnet

In a major cybercrime crackdown, the FBI has seized hundreds of domains linked to NetNut, a residential proxy service allegedly tied to the massive Popa botnet, which controls at least two million devices. This disruption, made possible with the help of industry partners like Google and Lumen, marks a significant blow to the network's operations.

Analyst 207
Microsoft Disrupts Dual Cybercrime Tools in Novel Court Takedown

Microsoft Disrupts Dual Cybercrime Tools in Novel Court Takedown

In a groundbreaking move, Microsoft led a global effort to dismantle two notorious cybercrime tools, Amadey and StealC, used by hackers to infect over 140,000 computers worldwide in just one week. This bold takedown marks a significant win in the fight against cybercrime.

Analyst 207
Home router on cluttered living room table with softly glowing lights.

AryStinger Malware Infects 4,300 Routers in Global Reconnaissance Network

Meet AryStinger, a sneaky new malware that's hijacked over 4,300 home routers worldwide, transforming them into a covert network for spying and proxying - and the numbers are still climbing. This cunning malware lets hackers scan the internet, tunnel traffic, and run secret commands, all while hiding their digital tracks.

Analyst 207
Dimly lit home network setup with outdated routers, tangled cables, and old equipment.

AryStinger Botnet Exploits Flaws in Thousands of D-Link Routers

Meet AryStinger, a sneaky botnet that's hijacked over 4,000 outdated D-Link routers worldwide, turning them into a powerful tool for hackers to carry out stealthy scans and attacks. This malware mastermind breaks down massive tasks into tiny chunks, distributing them across its zombie network for lightning-fast execution.

Analyst 207
Law enforcement operation disrupts botnet infrastructure in a brightly-lit server room with rows of computer servers and…

Authorities dismantle Evil Corp's SocGholish botnet infrastructure

In a major win for cybersecurity, international authorities have joined forces to dismantle the notorious SocGholish botnet infrastructure, a multi-stage malware kit that had been exploited for ransomware campaigns and espionage since 2017. This coordinated effort has successfully disabled the malware's control points and seized related infrastructure.

Analyst 207
US military base with networking gear and a router on a table.

China-linked JDY botnet targets US military networks with expanded reconnaissance.

The JDY botnet, linked to China, has more than doubled its malicious reach since January 2024, growing from 650 to over 1,500 compromised devices, with a significant focus on infiltrating US military networks and associated targets. This expanding reconnaissance capability poses a concerning threat to US cybersecurity.

Analyst 207
Dutch police officers inspect server equipment in a brightly-lit facility.

Dutch Police Disrupt Major Botnet Linked to 17 Million Infected Devices

Dutch authorities have successfully dismantled a massive botnet that had infected a staggering 17 million devices worldwide, turning everyday gadgets into a global attack platform. The operation, led by the Dutch Police and National Cyber Security Center, seized key servers and brought the botnet's infrastructure offline.

Analyst 207
Formal law enforcement setting with podium and documents in daylight.

Canada Arrests Suspect Tied to Kimwolf Botnet Operation

In a major breakthrough, Canadian authorities have arrested 23-year-old Jacob Butler, aka "Dort", for his alleged role as a key administrator of the notorious Kimwolf botnet operation, which infected over 2 million Android TV devices worldwide. The arrest marks a significant step in the fight against one of the most widespread distributed-denial-of-service (DDoS) botnets on record.

Analyst 207
Abandoned study with laptop displaying ransomware warning, eerie blue glow, and ghostly suit-clad figure in background.

Gentlemen Ransomware Operation Exposes 1,570 Victims Through SystemBC Malware

A shocking 1,570 networks worldwide have been compromised by the sneaky SystemBC malware, which has been quietly building a massive botnet of victims across the globe. This stealthy threat can even download and execute additional malware, putting your security at risk.

Analyst 207
Dimly lit server room with humming servers and tangled cables, a laptop screen in the foreground displays a distorted,…

Chaos Malware Expands to Target Misconfigured Cloud Deployments

Malware previously confined to home routers has now set its sights on cloud infrastructure, specifically targeting misconfigured cloud deployments and expanding its botnet territory. This alarming evolution in Chaos malware attacks demands attention from those responsible for securing cloud infrastructure.

Analyst 207
Dimly lit server room with humming servers and blinking lights, overlaid with a glowing global network diagram.

Masjesu Botnet Targets Global IoT Devices with DDoS-for-Hire Service

Meet Masjesu, a stealthy botnet that's been quietly building an army of compromised IoT devices to launch devastating DDoS attacks - and it's available for rent to anyone with a Telegram account. This covert network has been operating in the shadows since 2023, offering a sinister DDoS-for-hire service that's got cybersecurity experts sounding the alarm.

Analyst 207
Dort Unmasked: Alarming Rise of Kimwolf Botmaster Threat

Dort Unmasked: Alarming Rise of Kimwolf Botmaster Threat

Meet Dort, the mysterious mastermind behind the notorious Kimwolf botnet, a cybercrime powerhouse wreaking havoc on the internet. As the true identity and motives of this elusive threat actor remain shrouded in mystery, one thing is certain: their malicious activities have sent shockwaves through the cybersecurity landscape.

Analyst 207
Kimwolf Botmaster Dort Exclusive Troubling Reveal

Kimwolf Botmaster Dort Exclusive Troubling Reveal

When researchers responsibly disclosed the flaw that seeded Kimwolf, the alleged operator Dort retaliated with DDoS, doxing and a false SWAT call—turning a technical disclosure into a personal crisis. It’s a gripping look at what happens when the defenders become the targets.

Analyst 207
ICE Agent Doxxing Site Exclusive: Troubling DDoS via Russia

ICE Agent Doxxing Site Exclusive: Troubling DDoS via Russia

A site publishing ICE agents’ details after a DHS data leak has been repeatedly taken offline by DDoS attacks — some traced to Russian‑routed infrastructure — revealing a dangerous collision of doxxing, international cyber meddling and real‑world risk.

Analyst 207
Kimwolf Botnet Exclusive: Severe Local Network Threat

Kimwolf Botnet Exclusive: Severe Local Network Threat

If your router were a wolf at the door, would you still leave the latch open? The Kimwolf botnet has been hijacking routers to steal credentials, alter traffic, and keep persistent access—update firmware, remove WAN management, and change default passwords now.

Analyst 207
Kimwolf Botnet Exclusive: Dangerous Local Network Alert

Kimwolf Botnet Exclusive: Dangerous Local Network Alert

Think your home network is a locked room? Researchers warn the Kimwolf botnet is quietly replacing the lock—compromising routers and IoT devices to build stealthy footholds for DDoS, data theft, or lateral attacks.

Analyst 207
Android TV streaming box: Exclusive Dangerous botnet alert

Android TV streaming box: Exclusive Dangerous botnet alert

Think twice before buying a bargain Android TV streaming box—some models quietly turn your home network into a botnet relay, routing illicit traffic that can slow your connection, invade your privacy and even expose you to legal risk. Here’s what to watch for so convenience doesn’t end up costing you more than you bargained for.

Analyst 207
Android TV: Must-Read Botnet Risk Alert

Android TV: Must-Read Botnet Risk Alert

Before you plug in that bargain Android TV box, know this: researchers say some models secretly route other peoples internet traffic through your home, effectively turning the device into a botnet node and putting you at risk of fraud and legal trouble.

Analyst 207
AI Exclusive: Dangerous Vibe-Code Malware Surge

AI Exclusive: Dangerous Vibe-Code Malware Surge

Playful vibe coding—quick, AI-assisted tinkering—has slid into the criminal underground, letting amateurs spin up adaptive ransomware, cryptominers and hyper-personalized phishing at speed. The result is a weird mix of sloppy charm and real danger as generative tools turn into a malware force‑multiplier.

Analyst 207