Nowadays, botnets are being used for all sorts of malicious purposes, ranging from DDoS attacks to stealing data and sending spam. 

How does it work?

Recently, a botnet dubbed KashmirBlack has popped up that focuses on cryptomining, spamming, and defacement attacks. The botnet has already successfully infected thousands of websites running popular CMSes, including Joomla, WordPress, Drupal, and Magento. The bot's propagation relies mainly on Python and Perl, which are installed on many Linux servers.

Vulnerabilities exploited

KashmirBlack exploits known vulnerabilities such as remote code execution, unrestricted file upload, directory traversal, and brute-force password guessing made possible by the lack of limits on credential attempts.

Beware of these

  • The Golang-written Interplanetary Storm botnet can be utilized as an anonymization proxy-network-as-a-service and can be rented on a subscription basis. Apart from this, this novel botnet comes with many other capabilities in its arsenal.
  • The Lemon Duck crypto-currency mining botnet has seen a recent surge in use, starting from August. This complicated botnet targets computers to mine Monero cryptocurrency and has been targeting systems in Asia.  

Save your systems

  • Remove malicious files
  • Remove unused plug-ins and themes
  • Kill malicious processes

The bottom line

Unfortunately, cybercrime has become a reality of life and new vulnerability exploits are being revealed on a regular basis. Botnets are gaining increased capabilities and every time one is shut down, another pops up with better capabilities. Thus, simple precautions such as password hygiene and system updates can go a long way in preventing one's devices from getting hacked.

Cyware Publisher
