Feds charge 16 #Russians allegedly tied to #botnets used in #cyberattacks and #spying
#russia #security
Feds Charge 16 #Russians Allegedly Tied to #Botnets Used in #Ransomware, #Cyberattacks, and #Spying
A new US #indictment against a group of Russian nationals offers a clear example of how, authorities say, a single #malware operation can enable both criminal and state-sponsored #hacking.
#russia
https://www.wired.com/story/us-charges-16-russians-danabot-malware/
Feds Charge 16 Russians Allegedly Tied to #Botnets Used in #Ransomware, Cyberattacks, and #Spying
"A new US indictment against a group of Russian nationals offers a clear example of how, authorities say, a single #malware operation can enable both criminal and state-sponsored hacking."
https://www.wired.com/story/us-charges-16-russians-danabot-malware/
Krebs on Security: KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS. “KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching […]
The Register: Feds disrupt proxy-for-hire botnet, indict four alleged net miscreants. “Earlier this week, the FBI urged folks to bin aging routers vulnerable to hijacking, citing ongoing attacks linked to TheMoon malware. In a related move, the US Department of Justice unsealed indictments against four foreign nationals accused of running a long-running proxy-for-hire network that exploited […]
The FBI has issued an alert about cybercriminals hijacking outdated routers to power massive proxy-for-hire networks—masking malware, fraud, and credential theft right under your nose.
Watch the full Cyberside Chats episode to hear @sherridavidoff and @MDurrin's insights on:
🔹 The FBI’s May 2025 alert
🔹 TheMoon malware and the Faceless proxy service
🔹 What these botnets mean for your enterprise
🔹 What you need to do now to stay protected
🎥 Watch the video: https://youtu.be/x_40BlvWsHk
🎧 Listen to the podcast: https://www.chatcyberside.com/e/outdated-routers-a-hidden-threat-in-your-neighborhood/?token=b0b648ff9ddf79f7cb1099945c74f7f0
#Cybersecurity #RouterSecurity #ThreatIntel #Malware #CISO #CybersideChats #ProxyAbuse #TheMoonMalware #Botnets #NetworkSecurity #CISO #Cyberaware #Tech #Infosec #IT #CIO #SMB #Cyber
Could your old router be an unwitting accomplice to cybercrime? The FBI warns outdated devices are turning into secret proxy networks for hackers. Time to consider an upgrade?
https://thedefendopsdiaries.com/exploitation-of-end-of-life-routers-a-growing-cybersecurity-threat/
#cybersecurity
#endofliferouters
#themoonmalware
#botnets
#fbiresponse
🤖 CYBERSECURITY
🔴 NSA Warns of “Fast Flux” Botnets
🔸 Rapidly rotating IPs & domains make detection harder.
🔸 Nation-states & ransomware groups use it to evade takedowns.
🔸 Wildcard DNS creates fake subdomains for hidden C2 servers.
#Cybersecurity #NSA #Botnets #FastFlux #DNS #NationalSecurity #Malware #Ransomware
🔐 CISA: Fast Flux DNS Is a National Security Threat
Cyber actors are escalating use of fast flux DNS—a tactic that rapidly changes IP addresses and name servers tied to malicious domains—to evade detection and maintain resilient command-and-control infrastructure.
CISA’s latest advisory, backed by the NSA, FBI, and allies from Australia, Canada, and New Zealand, warns that this technique is:
・🔁 Difficult to block with traditional defenses
・💣 Used in attacks by Hive, Gamaredon, and other advanced threats
・💡 Critical for botnet survival and ransomware delivery
ISPs and DNS providers are being called on to:
・Deploy Protective DNS (PDNS) services
・Develop analytics to detect fast flux behavior
・Share threat intelligence across sectors
This is a call to arms for defenders: if you’re not watching your DNS traffic closely, you’re blind to one of the most elusive forms of modern infrastructure abuse.
👉 https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-093a
#CyberSecurity #CISA #DNS #FastFlux #NationalSecurity #Botnets #ThreatDetection #InfoSec #PDNS
Cybercriminals are evading detection with a trick that makes their attacks almost untraceable. How are shifting DNS records fueling fraud and malware? This could change everything we know about cybersecurity.
https://thedefendopsdiaries.com/understanding-and-combating-fast-flux-in-cybersecurity/
A nicer graphic for the report, now embedded in the PDF
AI Data Poisoning
Cloudflare has a new feature—available to free users as well—that uses AI to generate random pages to feed to AI... https://www.schneier.com/blog/archives/2025/03/ai-data-poisoning.html
El lado del mal - I, Robot: The Problem of Shadow AI and Botnets of AI-Powered Robots https://www.elladodelmal.com/2025/03/i-robot-el-problema-de-shadow-ai-y-las.html #robots #IA #Botnets #ShadowAI #IA #InteligenciaArtificial #ciberseguridad
We strongly recommend against providing services to entities whose AS or IP networks are listed in Spamhaus (ASN-)DROP - learn more here 👉 https://www.spamhaus.org/blocklists/do-not-route-or-peer/
TP-Link Router Botnet
There is a new botnet that is infecting TP-Link routers:
The botnet can lead to comma... https://www.schneier.com/blog/archives/2025/03/tp-link-router-botnet.html
#Botnet with an #Italian accent: #Ballista breaks into #TPLink #routers
https://www.securitylab.lat/news/557232.php?utm_referrer=https%3A%2F%2Fmas.to%2F%40KNTRO
#Enrutador #Router #Routers #TP_Link #Archer #TPLinkArcher #TP_Link_Archer #Cato #CatiNetworks #TPLinkArcherAX21 #ArcherAX21 #AX21 #TP_LinkArcherAX_21 #Condi #AndroxGh0st #AndroxGhost #dropbpd #dropbpdsh #dropbpd_sh #mips #arm #x8664 #x86_64 #DoS #Exploiter #TOR #Censys #Brasil #México #Italia #Mirai #Mozi #Botnets
Ars Technica: Massive botnet that appeared overnight is delivering record-size DDoSes. “A newly discovered network botnet comprising an estimated 30,000 webcams and video recorders—with the largest concentration in the US—has been delivering what is likely to be the biggest denial-of-service attack ever seen, a security researcher inside Nokia said.”
The Internet of Shit is on the attack again, with a suspected Mirai-derivative botnet composed largely of compromised security cameras delivering a massive volumetric DDoS. Sweet.
#BotNets #security #IOT https://mastodon.social/@arstechnica/114115698112535544
👾 #Ramnit is a modular banking #trojan with botnet capabilities
It steals financial data and credentials, recruits infected devices into #botnets, and is notably persistent
Learn more, collect #IOCs & samples: https://any.run/malware-trends/ramnit/?utm_source=mastodon&utm_medium=post&utm_campaign=ramnit&utm_content=mtt&utm_term=180225
New developments in DDoS attacks: companies under fire https://www.trendingtech.news/trending-news/2025/02/53448/nieuwe-ontwikkelingen-in-ddos-aanvallen-bedrijven-onder-vuur #DDoS-aanvallen #cyberbeveiliging #botnets #netwerkbeveiliging #cybercriminaliteit #Trending #News #Nieuws