Friday, March 29, 2024

Ukraine Police Arrests DDoS Botnet Operator Who Have Compromised 100,000 Devices

The law enforcement authorities of the Ukrainian have recently arrested a hacker on Monday who is accountable for the formulation and administration of a “powerful botnet” that has over 100,000 controlled devices.

All these devices were utilized to convey out dispersed denial-of-service (DDoS) attacks, as well as spam attacks on account of paid customers.

Here are the information publicized by the Security Service of Ukraine (SSU):- 

  • The suspect’s name was not published.
  • The arrest took place in the Ivano-Frankivsk region, in the Kolomyia district.
  • SSU officers examined the suspect’s house and confiscated their computer equipment.
  • SSU told that the suspect had promoted their services through Telegram and closed-access forums.
  • The suspect took payment through WebMoney, a Russian money transfer platform that is forbidden in Ukraine.

After reviewing the whole attack, the security experts pronounced that the activity that has been conducted by the hackers has included brute-forcing login credentials at websites.

And they are also conducting spamming operations, and penetration testing on remote devices so that they can easily recognize and exploit vulnerabilities. Not only this but SSU officers also claimed that the threat actors not only using the sheer power of the botnet to shut the sites.

Rather than that the threat actors have performed reconnaissance and penetration testing so that they can recognize and exploit vulnerabilities in the websites that they have targeted.

Moreover, the hacker under the Criminal Code of Ukraine is preparing a report of suspicion, and here they are:-

  • Part 2 of Art. 361-1: Creation for the purpose of use, distribution, or sale of malicious software or hardware, as well as their distribution or sale.
  • Part 2 of Art. 363-1: Interference with the work of electronic computers (computers), automated systems, computer networks, or telecommunication networks through the mass distribution of telecommunication messages.

Opsec Mistake

The SSU officers of Ukrainian have conducted a press release just after they identified the attack. However, in the press release, they affirmed that the threat actor has found the customers on individual forums and Telegram channels.

Once he found his customers the threat actors get paid via electronic platforms like ‘Webmoney’ for conducting all these illegal operations and attacks. 

To get the money the hacker initially creates an account on Webmoney that has its actual address, and consequently, here the Ukrainian police get to know the exact location of the operator.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Website

Latest articles

IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey

A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed...

How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger

Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse...

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles