Contributor Maxim Zavodchik

New Python-Based Crypto-Miner Botnet Flying Under the Radar

Article / Jan 3, 2018 (MODIFIED: Jan 25, 2018)

By Maxim Zavodchik, Liron Segal, Aaron Brailsford

A new Python-based botnet that mines Monero spreads via SSH and leverages Pastebin to publish new C&C server addresses.

Zealot: New Apache Struts Campaign Uses EternalBlue and EternalSynergy to Mine Monero on Internal Networks

Article / Dec 15, 2017 (MODIFIED: Jan 18, 2018)

By Maxim Zavodchik, Liron Segal

Zealot Apache Struts campaign targets vulnerabilities in Windows, Linux, and DotNetNuke, then uses leaked NSA exploits to mine Monero on internal networks.

Wirex Android DDoS Malware Adds UDP Flood

Blog / Sep 1, 2017 (MODIFIED: Oct 4, 2017)

By Julia Karpin, Liron Segal, Maxim Zavodchik

As quickly as attackers commandeer IoT devices to build more “thingbots,” they continue to evolve their attack types and functionality.

From DDoS to Server Ransomware: Apache Struts 2 – CVE-2017-5638 Campaign

Article / Mar 27, 2017 (MODIFIED: Jul 24, 2017)

By Maxim Zavodchik, Ilya Chernyakov, Julia Karpin, Dylan Syme

It is amazing how quickly threat actors using old web vulnerabilities in their campaigns can adapt and switch to new zero-days to deliver the same payloads.

Dridex Botnet 220 Campaign: Targeting UK Financials With Webinjects

Article / Feb 25, 2016 (MODIFIED: Jul 6, 2017)

By Maxim Zavodchik

Like many other financial Trojans, the notorious Dridex malware keeps evolving and strengthening its presence.

Shellshock: Malicious Bash, Obfuscated perlb0t, Echo Probes, and More

Report / Oct 10, 2014 (MODIFIED: Jul 6, 2017)

By Maxim Zavodchik, Oz Elisyan

Shellshock can take advantage of HTTP headers as well as other mechanisms to enable unauthorized access to Bash.

perlb0t: Still in the Wild with UDP Flood DDoS Attacks

Article / Jul 24, 2014 (MODIFIED: Jul 6, 2017)

By Maxim Zavodchik

Despite being around since 2005, perlb0t is still being used against unpatched servers.
