New Study Uncovers Revived Botnet Targeting Obsolete Devices

Published:

spot_img

The Black Lotus Labs team at Lumen Technologies has uncovered a disturbing trend in the cybercrime world – a multi-year effort to target end-of-life (EoL) and IoT devices, with a particular focus on small home and small office routers. This campaign is associated with an updated version of malware known as TheMoon, which first emerged back in 2014.

According to John Bambenek, President at Bambenek Consulting, the problem stems from a lack of automatic updates in these devices, as well as consumers using them for longer than manufacturers intend. This creates a perfect breeding ground for cybercriminals, who are able to exploit these vulnerable devices for their own gain.

TheMoon has quietly been growing in strength, with more than 40,000 bots across 88 countries by early 2024. Many of these bots are being used to support a cybercriminal-focused proxy service called Faceless, which offers anonymity services to malicious actors at a minimal cost.

Jason Soroko, Senior Vice President of Product at Sectigo, highlights the potential dangers of this campaign, noting that routers and other networking equipment with weak passwords have long been easy targets for cyber attacks. The use of proxy networks for C2 traffic obfuscation adds a new layer of complexity to the situation, showing that cybercriminals are constantly evolving their techniques to stay ahead of detection.

This latest research serves as a stark reminder of the importance of keeping devices updated and secure, as well as implementing stronger authentication methods to protect against potential cyber threats.

spot_img

Related articles

Recent articles

In Other News: Canadian Hacker Jailed, 14 Million Affected by KDDI Data Breach, Two Sentenced for ATM Jackpotting

In Other News: Canadian Hacker Jailed, 14 Million Affected by KDDI Data Breach, Two Sentenced for ATM Jackpotting In recent cybersecurity developments, significant incidents have...

In Kinshasa, President Tshisekedi Accelerates Ebola Response as President Ramaphosa Promotes African Solidarity

In Kinshasa, President Tshisekedi Accelerates Ebola Response as President Ramaphosa Promotes African Solidarity In a significant move to combat the ongoing Ebola outbreak, President Félix...

North Korea-Linked npm Packages Masquerade as Rollup Polyfills to Exfiltrate Developer Secrets

North Korea-Linked npm Packages Masquerade as Rollup Polyfills to Exfiltrate Developer Secrets Recent cybersecurity developments have revealed a new wave of malicious npm packages linked...

UK’s National Cyber Action Plan Delayed Amid Labour Leadership Crisis

UK's National Cyber Action Plan Delayed Amid Labour Leadership Crisis Britain's National Cyber Action Plan, a crucial initiative aimed at bolstering the economy against state-sponsored...