Background Recently NSFOCUS Security Labs detected a batch of suspicious ELF files spreading widely. Further analysis confirmed that these ELF samples belonged to a new botnet family. We named the family “Peachy Botnet†according to the signature information left by the Bot author in the sample. The Peachy Botnet began...
Tag: Botnet
Analysis of 2020 H1 Botnet and Honeypot-captured Threat Trends-1
Overview In the distributed denial-of-service (DDoS) botnet activities in 2020 H1, most were from Mirai, Gafgyt, and other major families. In 2020 H1, DDoS attack means were dominated by UDP floods, CC, and TCP floods. In 2020 H1, Hostwinds, Digital Ocean, and OVH were the major hosted cloud service providers...
Vollgar Botnet Threat Alert
Overview On April 1, the Guardicore Labs team uncovered a long-running attack campaign which aims to infect Windows machines running MS-SQL servers. At least since May 2018, the campaign uses password brute force to breach victim machines, deploys multiple backdoors, and executes numerous malicious modules, such as remote access tools...
Technical Analysis Report on Rowdy, A New Type of IoT Malware Exploiting STBs
In August 2017, NSFOCUS's DDoS situation awareness platform detected anoma-lous bandwidth usage over a customer's network, which, upon analysis, was confirmed to be a distributed denial-of-service (DDoS) attack. The attack was characterized by different types of traffic, including TCP flood, HTTP flood, and DNS flood. Tracing source IP addresses, we...
