Wednesday, May 29, 2024

Law Enforcement and Microsoft Shut Down a Major Malware Attack by Mapping 400,000 IPs

Microsoft’s Digital Crimes Unit (DCU) uncovered an IoT botnet operation that 100 times within one month. Analyzing further, the DCU team was able to map 400,000 publicly available IPs and narrow them down to 90 suspicious IPs.

Botnets continue to grow, as threat actors can abuse millions of devices to carry out malicious activities.

Major Malware Attack

Out of the 90 suspicious IPs, DCU was able to identify one IP that was associated with the distribution of several malicious activities, including malware, phishing emails, ransomware, and DDoS attacks.

DCU then reported the issue to Taiwan’s Ministry of Justice Investigation Bureau (MJIB), which quickly tracked down the illegal VPN IP and the accounts behind it.

Generally, cybercriminals use compromised PCs to launch cyberattacks, but this time an IoT LED light control console was used. MJIB managed to shut down the device quickly.

“This case marks a milestone. That’s because we were able to take down the IoT device and secure the breach to a limited range for those compromised computers in Taiwan, which is quite different from our previous global cooperation cases,” says Director Fu-Mei Wu, who leads the MJIB’s

Not too long ago, the idea that people and objects could be interconnected would have been considered absurd. The IoT ecosystem also poses some major risks.

“The MJIB is busy with cases of computer intrusions and cyberattacks, with the trend increasing over the last two years. These hackers are targeting the government and the technology industry, trying to steal and leak confidential information and launch full information warfare campaigns.”

Earlier, Microsoft took down the infamous Necurs botnet, which impacted more than nine million computers worldwide. The Necurs botnet is the largest spam and malware botnet.

Guru baran (https://gbhackers.com)
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
