Bleeping Computer

New Linux botnet SSHStalker uses old-school IRC for C2 comms

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations. The protocol was invented in 1988, and its ...
Infosecurity-magazine.com

Aeternum Botnet Shifts Command Control to Polygon Blockchain

A newly identified botnet loader is shifting command-and-control (C2) operations onto the Polygon blockchain, eliminating the central servers that authorities and security firms have historically ...
Bleeping Computer

AVrecon malware infects 70,000 Linux routers to build botnet

Lumen's Black Lotus security team also addressed the AVrecon threat by null-routing the botnet's command-and-control (C2) server across their backbone network. This effectively severed the connection ...
TechSpot

AVrecon botnet operated unnoticed for two years, infecting 70,000 Linux-based routers

Facepalm: As the US Cybersecurity and Infrastructure Security Agency (CISA) recently warned, exploitation of networking devices such as SOHO routers can provide threat actors with a "global" attack ...
Dark Reading

PumaBot Targets Linux Devices in Latest Botnet Campaign

A novel Go-based Linux botnet, dubbed "PumaBot," has been observed targeting Internet of Things (IoT) devices. PumaBot differentiates itself from typical botnets by remotely retrieving a list of ...
techtimes

SOHO Router-Targeting Botnet AVrecon Infiltrates More Than 70,000 Devices in 20 Countries: How Dangerous Is This Malware Strain?

A stealthy Linux malware called AVrecon has been infecting over 70,000 small office/home office (SOHO) routers, creating a botnet primarily aimed at stealing bandwidth and operating as a hidden ...