Sunday, May 18, 2025
HomeBotnetNewly Emerging DDoS Botnet Attack on Electrum Takes 152,000 Hosts Under...

Newly Emerging DDoS Botnet Attack on Electrum Takes 152,000 Hosts Under its Control

Published on

SIEM as a Service

Follow Us on Google News

Newly Emerging DDoS botnet attack that targets one of the most popular bitcoin wallet Electrum and now it reaches the 152,000 infected hosts.

This DDoS Botnet rapidly growing and takes many hosts Under its control since April 24 when the number of infected machines in the botnet was just below 100,000 but its keep increasing and finally reaches the 152k hosts according to the online tracker report.

Electrum users are continuously targeting by a series of phishing attacks since last Dec 2018 and stolen over $4 million USD at current exchange rates.

- Advertisement - Google News

Due to the weakness in the Electrum software, attackers able to trick users into downloading a malicious version of the wallet from two different rogue projects were active on Github from around December 21 through December 27.

hxxps://github.com/electrum-project/electrum/releases/tag/3.4.1
hxxps://github.com/electrum-wallet/electrum/releases
Fake update

But developers behind the Electrum decided to exploit the same flaw in their own software in order to redirect users to download the latest patched version.

Later this incident, threat actors were started to attack the legitimate Electrum servers that lead to overwhelmed the vulnerable clients that connected to malicious nodes.

Researchers from Malwarebytes uncovered the two distribution campaigns (RIG exploit kit and Smoke Loader) that associate with this botnet dropping the ElectrumDoSMiner malware.

Along with this, another loader called Trojan.BeamWinHTTP also involved with this attack that downloading ElectrumDoSMiner from a remote server.

According to Malwarebytes report, “As can be seen in the VirusTotal graphs above and below, there are hundreds of malicious binaries that retrieve the ElectrumDoSMiner. We surmise there are probably many more infection vectors beyond the three we’ve uncovered so far”

Attackers mainly targeting the Asia Pacific region (APAC), especially most bots are located in Brazil and Peru.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Hackers Offered IoT Botnet as Service “TheMoon” : Botnet-as-a-Service

Hackers Exploiting ThinkPHP Vulnerability To Expand Hakai and Yowai Botnets

New Hacking Group Outlaw Distributing Botnet to Scan The Network & Perform Cryptocurrency-Mining & Brute-Force Attack

Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked – Pwn2Own Day 2

Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering...

Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack

A serious security flaw affecting the Eventin plugin, a popular event management solution for...

Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication

A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign...

New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads

A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Record-Breaking $27 Billion Black Market ‘Haowang Guarantee’ Deals Conducted Behind Closed Doors

Major victory against online crime, two of the world’s largest illicit marketplaces-Huione Guarantee (also...

New HTTPBot Botnet Rapidly Expands to Target Windows Machines

The HTTPBot Botnet, a novel Trojan developed in the Go programming language, has seen...

Threat Actors Leverage DDoS Attacks as Smokescreens for Data Theft

Distributed Denial of Service (DDoS) attacks, once seen as crude tools for disruption wielded...