
Permission to quote from or reproduce Spamhaus News articles is granted automatically providing you state the source as Spamhaus and link to the news record.

|
|
 |
2021-06-23 UTC |
The malware the Emotet botnet dropped remains a persistent and imminent threat. After the Emotet takedown, a new picture is coming into focus. Emotet may be down, but the lucrative modus operandi of thread hijacking it popularized is being utilized by other ransomware botnets.... (>) |
|
 |
2021-01-29 UTC |
For those infected with Emotet, challenges remain.... (>) |
|
 |
2020-07-30 UTC |
The pandemic certainly didn’t put the brakes on botnet operators in Q2 2020. After the welcome decrease in activity at the end of Q1, the research team tracked and listed a 29%* increase in the number of botnet Command & Controllers (C&Cs) this quarter.
This increased activity is highlighted across most of our Top 20... (>) |
|
 |
2020-07-16 UTC |
Qbot (aka Quakbot or Qakbot) is a piece of malware originally designed to enable bad actors to conduct financial fraud.... (>) |
|
 |
2020-04-21 UTC |
In the past quarter, the number of botnet Command & Controllers (C&Cs) associated with fraudulent sign-ups reduced by 57%.... (>) |
|
 |
2020-01-28 UTC |
In the 2019 Botnet Threat Report we look back at key trends from 2019 and highlight the operators who are struggling with the number of botnet C&Cs associated with their particular operations.... (>) |
|
 |
2019-12-19 UTC |
Our researchers have uncovered a new breed of "bulletproof" hosting. Here's what you need to know...... (>) |
|
 |
2019-12-12 UTC |
Since Emotet's resurgence, Spamhaus Malware Labs has been closely monitoring and studying Emotet’s activity. Here’s what we’ve uncovered...... (>) |
|
 |
2019-10-11 UTC |
You might be forgiven for assuming that malware authors and botnet operators in the Northern Hemisphere took a break over the summer months. Unfortunately, that assumption would be incorrect.... (>) |
|
 |
2019-07-15 UTC |
In this quarter, botnet command & control (C&C) traffic remains significantly above the monthly averages of 2018, although it would appear that in June some botnet operators have taken a vacation.... (>) |
|
 |
2019-04-25 UTC |
Welcome to the first quarterly update of 2019
In the first three months of this year, Spamhaus Malware Labs have observed significant changes in the malware that’s associated with botnet Command & Control (C&C) servers, most notably a preference for cybercriminals to utilize crimeware kits...... (>) |
|
 |
2019-03-27 UTC |
Most professionals within enterprise security have come across ‘Emotet’. As its history illustrates, the criminals behind Emotet malware are cunning and quick to maximize its ‘potential’. From a basic banking Trojan to a threat distribution service, it is constantly being re-invented. This ‘constant malware improvement’ isn’t showing any sign of abating. Recently the Spamhaus Malware Labs team have identified further unsettling changes in Emotet.... (>) |
|
 |
2018-04-16 UTC |
Early this year, in March 2018, Microsoft’s Windows Defender Research Team in Redmond published some interesting insights into a massive malware campaign distributing a dropper/loader called Smoke Loader (also known as Dofoil). The main purpose of the documented campaign was to distribute a coin miner payload that uses infected machines to mine cryptocurrencies. Within 12 hours, Windows Defender recorded more than 400,000 instances, but could deploy appropriate countermeasures on computers running Windows within seconds. As further analysis from Spamhaus Malware Labs revealed, these countermeasures did not go unnoticed by the malware authors behind Smoke Loader.
Runtrace... (>) |
|
 |
2018-01-08 UTC |
Now that 2017 is behind us, as we do each year, the Spamhaus Project would like to give some numbers and thoughts on the botnet threats we encountered. In 2017, Spamhaus Malware Labs identified and issued Spamhaus Block List (SBL) listings for more than 9,500 botnet Command & Control servers on 1,122 different networks. A botnet controller, commonly abbreviated as "C&C", is used by fraudsters both to control malware-infected machines and to extract personal and valuable data from malware-infected victims. Botnet controllers therefore play a core role in operations conducted by cybercriminals who are using infected machines to send out spam and ransomware, launch DDoS attacks, commit ebanking fraud or click-fraud, or mine cryptocurrencies such as Bitcoin. An infected machine can be a desktop computer or a mobile device (like a smartphone), but also an IoT ("Internet of Things") device such as a webcam or network attached storage (NAS) that is connected to the internet.... (>) |
|
 |
2017-12-28 UTC |
Spamhaus Malware Labs - Spamhaus's malware research unit - recently observed a wave of new PandaZeuS malware samples being distributed during the Christmas season. PandaZeuS, also known as Panda Banker, is an ebanking Trojan that evolved from the notorious ZeuS trojan and is being used by different threat actors to compromise ebanking credentials, which cybercriminals then use to commit ebanking fraud.... (>) |
|
 |
2017-12-19 UTC |
Over the past three weeks, some of our users have noticed that the XBL (CBL) database has grown substantially in size. There are two major reasons for this.
1) Increase from the Internet of Things (IoT)
2) Increase From Andromeda botnet takedown... (>) |
|
 |
2017-04-25 UTC |
Cloud computing is popular these days. Millions of users consume computing power out of the cloud every day. Cloud computing comes with several advantages over traditional server hosting, such as scalability and quick deployment of new resources.
As of January 2017, several large botnet operators appear to have discovered the benefits of cloud computing as well, and have started to... (>) |
|
 |
2017-01-17 UTC |
2016 was a busy year for existing and emerging cyber threats. In the past year, Spamhaus researchers issued listings for over 7,000 botnet Command & Control ("C&C") servers on more than 1,100 different networks. These C&C servers enabled and controlled online crime such as credential theft, e-banking fraud, spam and DDoS attacks. They were also used for the retrieval of stolen data. 2016 will also go down in history as the first year that security issues related to the 'Internet-of-Things' not only became mainstream, but turned into a serious enabler of ever larger attacks and a source of many future problems.... (>) |
|
 |
2014-12-31 UTC |
As 2014 ends, Spamhaus reviews the botnet threats that it detected in the past year, and provides facts and useful suggestions for ISPs and web hosts on the front lines of the battle against cybercrime. To nobody's surprise, botnet activity appears to be increasing. The majority of detected botnets are targeted at obtaining and exploiting banking and financial information. Botnet controllers (C&Cs) are hosted disproportionately on ISPs with understaffed abuse departments, inadequate abuse policies, or inefficient abuse detection and shutdown processes. Botnet C&C domains are registered disproportionately with registrars in locations that have lax laws or inadequate enforcement against cybercrime.... (>) |
|
 |
2011-06-10 UTC |
All too frequently electronic security breaches result from some form of social engineering trick which entices a user to visit a harmful website by providing a clickable link (URL) with a specially-registered domain which ultimately leads to the user being defrauded or their machine being infected with malware.
Once infected, criminals very quickly gain complete control of that user's... (>) |
|