botnet Archives

Xbash Combines Botnet, Ransomware, Coinmining in Worm that Targets Linux and Windows

Unit 42 researchers discover Xbash, a new malware family tied to the Iron Group targeting Linux and Microsoft Servers

By Claud Xiao, Cong Zheng and Xingyu Jin
September 17, 2018 at 5:00 AM

Multi-exploit IoT/Linux Botnets Mirai and Gafgyt Target Apache Struts, SonicWall

Unit 42 has uncovered new variants of the well-known IoT botnets Mirai and Gafgyt.

By Ruchna Nigam
September 9, 2018 at 6:27 PM

Unit 42 Finds New Mirai and Gafgyt IoT/Linux Botnet Campaigns

Unit 42 documents the emergence of three malware campaigns built on publicly available source code for the Mirai and Gafgyt malware families that incorporate multiple known exploits affecting Internet of Things (IoT) device.

By Ruchna Nigam
July 20, 2018 at 5:00 AM

IoT Malware Evolves to Harvest Bots by Exploiting a Zero-day Home Router Vulnerability

Unit 42 researchers outline the evolution of Satori, a malware family targeting zero-day vulnerabilities in IoT devices

By Cong Zheng, Claud Xiao and Yanhui Jia
January 11, 2018 at 1:00 PM

New IoT/Linux Malware Targets DVRs, Forms Botnet

Unit 42 researchers have identified a new variant of the IoT/Linux botnet “Tsunami”, which we are calling “Amnesia”.

By Claud Xiao and Cong Zheng
April 6, 2017 at 1:00 PM

Andromeda Botnet Targets Italy in Recent Spam Campaigns

Over the past month, Palo Alto Networks has observed two spam campaigns targeting users residing in Italy. The spam emails attempt to install the pervasive Andromeda malware onto victim machines. This malware has been around since 2011 and shows no signs of stopping. Compromised hosts cause a victim’s machine to be attached to the Andromeda

By Josh Grunzweig and Brandon Levene
July 18, 2016 at 12:30 PM

Locky: New Ransomware Mimics Dridex-Style Distribution

Ransomware persists as one of the top crimeware threats thus far into 2016. While the use of document-based macros for ransomware distribution remains relatively uncommon, a new family calling itself “Locky” has borrowed the technique from the eminently successful Dridex to maximize its target base. We first learned of Locky through Invincea and expanded on

By Brandon Levene, Micah Yates and Rob Downs
February 16, 2016 at 4:20 PM

Filmkan: Mysterious Turkish Botnet Grows Through Facebook

On January 31, a security researcher named Mohammad Faghani posted an analysis of malware that was being distributed through Facebook posts. Based on the number of “likes” the malware had generated, Faghani estimated that over 100,000 users had been infected with the malware. We have not been able to identify a common name for this

By Ryan Olson
February 5, 2015 at 9:05 AM

Kuluoz Trends – October 2014

The Asprox/Kuluoz malware family has a special place in our hearts at Palo Alto Networks. This botnet-related Trojan malware has evolved from its 2007 roots into a simple and yet robust mass e-mail phishing threat that is the origin of a significant percentage of Internet spam today. This post further explores trends for this malware

By Rob Downs
November 7, 2014 at 10:00 AM

Posts tagged with: botnet