Dutch Authorities Disrupt Massive Botnet of 17 Million Devices

In a major cybercrime crackdown, Dutch authorities have successfully dismantled a massive botnet comprising 17 million infected devices, seizing over 200 servers used to host its infrastructure. This significant takedown was made possible through a collaborative effort between the Police and the National Cyber Security Centre…

https://osintsights.com/dutch-authorities-disrupt-massive-botnet-of-17-million-devices?utm_source=mastodon&utm_medium=social

#BotnetTakedown #EmergingThreats #Netherlands #NationalCyberSecurityCentre #Ncsc


CrowdStrike disrupts Glassworm botnet with global takedown

In a major win for cybersecurity, CrowdStrike has successfully dismantled the notorious Glassworm botnet in a global takedown, cutting off its operators from infected machines worldwide. The infected machines now harmlessly connect to a CrowdStrike-controlled IP address, rendering the botnet useless.

https://osintsights.com/crowdstrike-disrupts-glassworm-botnet-with-global-takedown?utm_source=mastodon&utm_medium=social

#BotnetTakedown #EmergingThreats #Glassworm #Crowdstrike #Google


Glassworm botnet disrupted by takedown of resilient C2 infrastructure

In a major win for cybersecurity, researchers from CrowdStrike, Google, and The Shadowserver Foundation have successfully disrupted the Glassworm botnet by dismantling its complex command-and-control infrastructure. This takedown cuts off the lifelines of the threat actors, halting their campaigns that had been ongoing since…

https://osintsights.com/glassworm-botnet-disrupted-by-takedown-of-resilient-c2-infrastructure?utm_source=mastodon&utm_medium=social

#BotnetTakedown #Glassworm #C2Infrastructure #Blockchain #Peertopeer


"⚰️ Mozi Botnet's Mysterious Demise: The Kill Switch Discovery 🕵️‍♂️"

Researchers at ESET have uncovered the kill switch that led to the abrupt downfall of the Mozi botnet, a notorious threat to IoT devices. The botnet's activity plummeted in August 2023, first in India and then in China, as a result of a control payload delivered via UDP, bypassing the BitTorrent DHT protocol. This strategic takedown raises questions about its orchestrators - the botnet creators themselves or Chinese law enforcement. 🤔💡

Tags: #MoziBotnet #KillSwitch #CyberForensics #IoTSecurity #BotnetTakedown #ESETResearch #CyberSecurity #ThreatIntelligence

Credit: Ivan Bešina, Michal Škuta, Miloš Čermák via WeLiveSecurity

For a detailed analysis of the Mozi botnet's kill switch and its implications, stay tuned to ESET's upcoming publications. Meanwhile, explore the MITRE ATT&CK techniques used:

  • Resource Development: Acquiring infrastructure like virtual private servers.
  • Initial Access: Exploiting public-facing applications.
  • Persistence: Using boot or logon initialization scripts.
  • Exfiltration: Sending data over unencrypted protocols.
  • Impact: Stopping services and blocking access with iptables.

🔐 MITRE ATT&CK - Mozi

Who killed Mozi? Finally putting the IoT zombie botnet in its grave

ESET researchers describe how they found a kill switch that had been used to take down one of the most prolific botnets out there – Mozi