Q4 2021 saw the appearance of several new DDoS botnets. A zombie network, named Abcbot by researchers, first hit the radar in July, but at the time it was little more than a simple scanner attacking Linux systems by brute-forcing weak passwords and exploiting known vulnerabilities. In October, the botnet was upgraded with DDoS functionality. Then in December, researchers at Cado Security linked the botnet to the Xanthe cryptojacking group. This is further evidence that the same botnets are often used for mining and DDoS.

The EwDoor botnet, which first came to researchers' attention in late October, turned out to be more picky than Abcbot. This zombie network consists solely of EdgeMarc Enterprise Session Border Controller devices located on AT&T carrier networks. The bot infiltrated the devices through the CVE-2017-6079 vulnerability, which allows execution of arbitrary commands.