Category: Botnet
-
Nexcorium-Associated Mirai Variant Uses TBK DVR Exploit to Scale Botnet Operations
Nexcorium-Associated Mirai Variant Uses TBK DVR Exploit to Scale Botnet Operations A new iteration of the notorious Mirai botnet, dubbed Nexcorium, has emerged in the wild, aggressively targeting internet-connected video recording devices. According to recent threat research published by Fortinet’s FortiGuard Labs, threat actors are exploiting a known command injection vulnerability to hijack TBK DVR…
-
Pro-Russian denial-of-service attacks target UK, NCSC warns
Pro-Russian denial-of-service attacks target UK, NCSC warns The UK’s National Cyber Security Centre (NCSC) has issued a warning about the threat posed by distributed denial-of-service (DDoS) attacks from Russia-linked hacking groups who are reported to be continuing to target British organisations. Are you prepared? Read more in my article on the Hot for Security blog.…
-
Operation Endgame disrupts Rhadamanthys information-stealing malware
Operation Endgame disrupts Rhadamanthys information-stealing malware International cybercrime-fighting agencies, co-ordinated by Europol, took down over 1000 servers and seized 20 domains earlier this month as part of Operation Endgame 3.0. Their target? Three major malware platforms: the infostealer known as Rhadamanthys, the VenomRAT remote access trojan, and the Elysium botnet. Read more in my article…
-
Smashing Security podcast #423: Operation Endgame, deepfakes, and dead slugs
Smashing Security podcast #423: Operation Endgame, deepfakes, and dead slugs In this episode of the “Smashing Security” podcast, Graham unravels Operation Endgame – the surprisingly stylish police crackdown that is seizing botnets, mocking malware authors with anime videos, and taunting cybercriminals via Telegram. And BBC cyber correspondent Joe Tidy joins us to talk about “Ctrl-Alt-Chaos”,…
-
New Botnet Hijacks 9,000 ASUS Routers & Enables SSH Access by Injecting Public Key
New Botnet Hijacks 9,000 ASUS Routers & Enables SSH Access by Injecting Public Key A sophisticated botnet campaign dubbed “AyySSHush” has compromised over 9,000 ASUS routers worldwide, establishing persistent backdoor access that survives firmware updates and reboots. The stealthy operation, first detected in March 2025, demonstrates advanced nation-state-level tradecraft by exploiting authentication vulnerabilities and legitimate…