Zerobot botnet can now hack into Apache, Apache Spark servers

/in


Malware activities carried out by botnets pose a danger to devices and networks that is always developing. Due to the fact that Internet of Things (IoT) devices’ setups often leave them open to attack, threat actors target these devices in order to enlist them into nefarious activities. Additionally, the number of internet-connected devices continues to increase. Operators are redeploying malware for a range of distributions and aims, changing existing botnets to expand operations, and adding as many devices as possible to their infrastructure, according to recent trends.

An example of a threat that is always adapting is Zerobot, which is a Go-based botnet that spreads largely via vulnerabilities in Internet of Things (IoT) devices and online applications. The malware’s controllers are continually adding new exploits and capabilities to it. For many months, the research team for Microsoft Defender for IoT has been keeping an eye on Zerobot, which is also referred to as ZeroStresser by its owners. Since Microsoft began monitoring it, Zerobot has undergone many iterations of modification and has been made available as part of a malware as a service program. The Federal Bureau of Investigation (FBI) seized multiple domains in December 2022 that were related with DDoS-for-hire businesses. Among those domains was one that had ties to Zerobot.

Microsoft has already remarked on the ever-changing environment of potential dangers. The transition in the cyber economy toward malware as a service has industrialized attacks and made it simpler for attackers to purchase and use malware, establish and maintain access to compromised networks, and use ready-made tools to carry out their attacks. This has led to an increase in the number of successful cyberattacks. We have been keeping an eye out for adverts for the Zerobot botnet on a variety of social media networks, in addition to other notifications about the sale and maintenance of the malware, as well as additional capabilities that are currently under development.

The Zerobot botnet, which was discovered for the first time earlier this month, is targeting Apache systems in an effort to broaden the range of Internet of…

Source…