Global crackdown dismantles Aisuru, KimWolf, JackSkid, and Mossad botnets behind major DDoS attack campaigns targeting millions of devices worldwide.
Read: https://hackread.com/crackdown-dismantles-4-botnets-ddos-attacks/
24 hours until the CfP for "LAC-CSIRTs Meeting (LACNIC45 - Panama City, Panama)" closes: https://papercall.io/cfps/6188/submissions/new
#cfp #conference #Csirt #Security #Misp #Training #Dfir #Ransomware #Ddos #Community #Cybersecurity #Threat intelligence #Security awareness #Tabletop exercise #Artificial intelligence (ai) #Supply chain security #Iot security #Llm security #Vibe coding security #Lacnic45
I find it problematic to name a #Malware / a #Botnet after the Israeli intelligence service #Mossad
#Aisuru, #KimWolf & Co.: Authorities "disrupt" four dangerous botnets | Security https://www.heise.de/news/Aisuru-KimWolf-Co-Laenderuebergreifende-Aktion-gegen-vier-gefaehrliche-Botnets-11218668.html #DDoS #CyberCrime #JackSkid
"The collection of millions of hacked computers known as Aisuru and Kimwolf have been used to launch some of the biggest distributed denial-of-service (DDoS) attacks ever seen. Now United States law enforcement agencies have wiped both of them off the internet, along with two of the other hordes of hijacked computers—known as botnets—in a single broad takedown.
On Thursday, the US Department of Justice, working with the cybercrime-fighting agency within the US Department of Defense known as the Defense Criminal Investigative Service, announced that it had dismantled four massive botnets in a single operation, removing the command-and-control servers used to commandeer the hacker-run armies of compromised devices known by the names JackSkid, Mossad, Aisuru, and Kimwolf. Together, operators of the four botnets had amassed more than 3 million devices, the Justice Department said, and often sold access to those devices to other criminal hackers as well as using them to target victims with overwhelming floods of attack traffic to knock websites and internet services offline.
Aisuru and Kimwolf, a distinct but Aisuru-related botnet, had together comprised more than a million devices, according to DDoS defense firm Cloudflare, with Aisuru infecting a variety of devices ranging from DVRs to network appliances to webcams, and its Kimwolf offshoot infecting Android devices including smart TVs and set-top boxes."
https://www.wired.com/story/us-takes-down-botnets-used-in-record-breaking-cyberattacks/
New, from our ERT: #CECbot, an Android TV botnet and the first malware we're aware of that exploits HDMI-CEC.
It puts the TV to sleep so you don't notice the box behind it is running DDoS and residential proxy traffic. Curve25519/ChaCha20 crypto, 9 persistence layers, and... LAN mapping.
Successor to a Mirai fork, shares not much but the C2 server.
https://github.com/deepfield/public-research/blob/main/cecbot/report.md
According to bka.de, in a press release dated 20 March 2026, the ZACNRW and the Bundeskriminalamt (BKA) carried out an international operation on 19/03/2026 with Canada and the United States to dismantle two of the largest current botnets, Aisuru and Kimwolf. The authorities neutralized the globally distributed technical infrastructure of the two botnets. Two suspected administrators were identified; searches took place in Germany and Canada, with seizures of numerous data storage media and cryptocurrencies (a five-figure amount). The action is part of investigations lasting several months that were technically complex and closely coordinated internationally.