The Botnet Scoop

Botnets have been plaguing the world for a couple of decades now. They never fail to surprise security analysts and law enforcement.

What’s going on?


Avast Security, in a detailed blog post, explained how two DVB boxes are prone to both ransomware and botnet attacks. These boxes are the Philips DTR3502BFTA and the Thomson THT741FTA. The vulnerability is mainly due to the lack of encryption in these devices. Moreover, the Telnet protocol was spotted exposing the devices to infection from the Mirai botnet.

What does this imply?


Attackers can tamper with the content shown to the user through the RSS feed and weather applications.
Adversaries can display a ransomware message, informing victims that their TV has been hijacked.
In addition, researchers discovered that the DNS hijack could be transferred to the device, implying that attackers can store malware payloads and persist through reboots and resets.

Recent botnet attacks


Recently, NCR Corporation discovered malware-infected computers on its network. The malware was detected as the Lethic botnet, and its capabilities include remote access, lateral movement, and downloading of additional payloads.
A novel ad fraud botnet was found to be distributed via the lure of free items. The campaign, dubbed TERRACOTTA, spoofed more than 5,000 apps.
The Dracula botnet was identified to be pushing a pro-Chinese political scam with 3,000 accounts.

A game of hide and seek


Fast flux is ..