• This rapidly expanding botnet is launching DDoS attacks left, rig

    From TechnologyDaily@1337:1/100 to All on Thu Apr 14 15:30:03 2022
    This rapidly expanding botnet is launching DDoS attacks left, right and center

    Date:
    Thu, 14 Apr 2022 14:21:25 +0000

    Description:
    Chinese threat actor is infecting devices with the Fodcha malware.

    FULL STORY ======================================================================

    Researchers from Qihoo 360 have discovered a brand new, gargantuan botnet, capable of launching more than 100 attacks every single day.

    The threat actor is targeting devices such as routers, DVRs, and servers with malware known as Fodcha. In less than a month, the researchers have discovered, the threat actors managed to infect more than 62,000 devices with the Fodcha malware.

    At every point in time, roughly 10,000 devices are being used to launch Distributed Denial of Service (DDoS) attacks, using the services of China Unicom (59%) and China Telecom (39%).

    Targeting hundreds of victims daily

    "Based on direct data from the security community that we worked with, the number of daily live bots are more than 56000," the researchers allegedly said. "The global infection looks fairly big as just in China there are more than 10,000 daily active bots (IPs) and also more than 100 DDoS victims being targeted on a daily basis."

    To compromise the endpoints, the attackers are using a slew of exploits that abuse n-day vulnerabilities in devices and services including Android ADB Debug Server RCE, Realtek Jungle SDK, TOTOLINK Routers, ZHONE Routers, and others.

    Furthermore, the botnet targets MIPS, MPSL, ARM, x86, and other CPU architectures.

    The initial domain used for command-and-control (C2), folded[.]in, was shut down by the vendor on March 19, the researchers further said. After that,
    the threat actors migrated to fridgexperts[.]cc.

    "The shift from v1 to v2 is due to the fact that the C2 servers corresponding to the v1 version were shut down by their cloud vendor, so Fodcha's
    operators had no choice but to re-launch v2 and update C2," the researchers said.

    "The new C2 is mapped to more than a dozen IPs and is distributed across multiple countries including the US, Korea, Japan, and India, it involves
    more cloud providers such as Amazon, DediPath, DigitalOcean, Linode, and many others."

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/this-rapidly-expanding-botnet-is-launching-ddos-attacks-left-right-and-center/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)