Gorilla Botnet Strikes with Over 300,000 DDoS Attacks in 100 Countries

Published:

spot_img

New Botnet Malware “Gorilla” Unleashed: A Variant of Mirai Source Code

The cybersecurity world has a new threat on its hands with the emergence of the GorillaBot, a new botnet malware family that is causing chaos across the digital landscape. This variant of the infamous Mirai botnet source code has been wreaking havoc with over 300,000 attack commands issued in just a few weeks.

The cybersecurity firm NSFOCUS has been tracking the activities of GorillaBot since last month and has found that the botnet has been launching distributed denial-of-service (DDoS) attacks at an alarming rate. With an average of 20,000 attack commands being issued every day, the botnet has targeted a wide range of sectors including universities, government websites, banks, and gaming platforms in over 100 countries.

The primary weapons in GorillaBot’s arsenal are UDP flood, ACK BYPASS flood, Valve Source Engine (VSE) flood, SYN flood, and ACK flood attacks. These tactics allow the botnet to generate a massive amount of traffic by exploiting the connectionless nature of the UDP protocol and carrying out arbitrary source IP spoofing.

What makes GorillaBot even more dangerous is its ability to exploit a security flaw in Apache Hadoop YARN RPC for remote code execution. This flaw has been exploited in the wild since 2021, highlighting the advanced capabilities of this new botnet malware.

To maintain control over infected devices, GorillaBot uses encryption algorithms commonly employed by the Keksec group and employs multiple techniques to avoid detection. With capabilities to support multiple CPU architectures and connect to predefined command-and-control servers, GorillaBot is proving to be a formidable adversary in the cybersecurity landscape.

spot_img

Related articles

Recent articles

Airrived Secures Top Spot in AWS Cybersecurity Startup Accelerator, Backed by Industry Leaders AWS, CrowdStrike, CyberE71, and UAE Cyber Security Council

Airrived Secures Top Spot in AWS Cybersecurity Startup Accelerator, Backed by Industry Leaders AWS, CrowdStrike, CyberE71, and UAE Cyber Security Council DUBLIN, Calif. — Airrived,...

MRI Software Advances Data Readiness as Core of Gulf PropTech, Asserts ME Regional Director

MRI Software Advances Data Readiness as Core of Gulf PropTech, Asserts ME Regional Director The landscape of property management in the Middle East is undergoing...

Dark Web Intelligence Market Set to Surge to US$ 3.07 Billion by 2033, Driven by AI Innovations and North America’s 38% Dominance

Dark Web Intelligence Market Set to Surge to US$ 3.07 Billion by 2033, Driven by AI Innovations and North America's 38% Dominance The Global Dark...

Six New U-Boot Flaws Risk Device Crashes and Unauthorized Code Execution at Boot

Six New U-Boot Flaws Risk Device Crashes and Unauthorized Code Execution at Boot Researchers from the firmware security firm Binarly have identified six critical vulnerabilities...