Trojan

Echobot botnet launched large-scale attacks on iOT devices

Check Point experts prepared a Global Threat Index report on the most active threats in August 2019. Analysts note the activity of the Echobot botnet – it launched large-scale attacks on iOT devices, as well as the “return to life” of the Emotet botnet.

In a report, a research team warns of a new variation of the Mirai botnet – Echobot, which launched widespread attacks on smart devices. Echobot appeared in May 2019, and since then it has “learned” to use more than 50 different vulnerabilities.

Malware actively exploits the problems of remote command injection (Command Injection Over HTTP). Echobot attacks have already affected 34% of organizations worldwide.

“Echobot is a new variation of the Mirai botnet. We note a sharp increase in its use: it currently targets more than 50 different vulnerabilities and has already managed to affect more than 34% of companies around the world. Therefore, it is important that organizations regularly update all their networks, software, and IoT devices. In top-3 world threats arrived AgentTesla malware, which was actively spread in the summer months. Typically, phishing emails mimic those messages that are often sent during the holidays: information about booking and buying airline tickets, bills for them”, — commented the representatives of Check Point Software Technologies.

As the researchers suggested, in August, the infrastructure of another botnet, Emotet, was reactivated. The fact is that a couple of months ago, in June 2019, the number of malicious Emotet campaigns fell sharply. The Check Point team then suggested that the botnet infrastructure could be disabled for maintenance and upgrades.

The “release” of Emotet statements is by no means an out of the ordinary case. Botnets often take breaks in work, updating the infrastructure, or while their operators are resting. For example, the famous Dridex botnet was switched off every year from mid-December to mid-January, during the winter holidays.

Read also: Researchers found a link between Sodinokibi and GandCrab ransomware

As a result, the top of the most active malwares in August 2019 was the following.

The most active malware in August 2019 in the world:

  • XMRig is open source software first discovered in May 2017. Used for mining cryptocurrency Monero
  • Jsecoin is a JavaScript miner that can run the miner directly in the browser in exchange for displaying ads, in-game currency and other incentives.
  • Dorkbot is an IRC-based worm designed for remote code execution by its operator, as well as for downloading additional malicious programs to an infected system.

The most active mobile threats in August 2019:

  • Lotoor — a program that uses vulnerabilities in the Android operating system to obtain privileged root access on hacked mobile devices
  • AndroidBauts — an adware malware that steals IMEI, IMSI, GPS data and other device information and allows you to install third-party applications on infected mobile devices.
  • Triada – a modular backdoor that provides superuser privileges for downloaded malware, and also helps implement them in system processes. Triada has also been seen spoofing URLs loaded in a browser.
Polina Lisovskaya

I works as a marketing manager for years now and loves searching for interesting topics for you

Recent Posts

Remove News-bpudepi.today Pop-up Ads

About News-bpudepi.today News-bpudepi.today pop-ups can not launch out of the blue. If you have actually…

1 day ago

Remove Doguhtam.xyz Pop-up Ads

About Doguhtam.xyz Doguhtam.xyz pop-ups can not expose out of nowhere. If you have clicked some…

1 day ago

Remove News-xlixoti.com Pop-up Ads

About News-xlixoti.com News-xlixoti.com pop-ups can not introduce out of nowhere. If you have actually clicked…

1 day ago

Remove Ducesousightion.com Pop-up Ads

About Ducesousightion.com Ducesousightion.com pop-ups can not introduce out of the blue. If you have actually…

1 day ago

Remove News-xlabica.live Pop-up Ads

About News-xlabica.live News-xlabica.live pop-ups can not launch out of the blue. If you have actually…

1 day ago

Remove Mergechain.co.in Pop-up Ads

About Mergechain.co.in Mergechain.co.in pop-ups can not expose out of the blue. If you have clicked…

1 day ago