BTC $56772.0455
ETH $3229.2692
BNB $393.0365
SOL $106.6536
stETH $3224.6597
XRP $0.5621
ADA $0.6137
AVAX $38.6261
DOGE $0.0960
TRX $0.1415
wstETH $3753.2551
DOT $8.0619
LINK $18.8685
WETH $3222.5827
MATIC $1.0217
UNI $10.5943
WBTC $56672.8182
IMX $3.2827
ICP $12.8638
BCH $296.0952
LTC $73.4211
CAKE $3.1049
LEO $4.3751
ETC $27.6986
FIL $7.7121
KAS $0.1681
RNDR $7.1714
DAI $0.9992
HBAR $0.1085
ATOM $10.9103
INJ $37.3719
VET $0.0480
TON $2.1032
OKB $51.5043
FDUSD $1.0007
LDO $3.4620
STX $3.0518
XMR $133.5710
ARB $1.8885
XLM $0.1189
GRT $0.2844
TIA $16.9400
NEAR $3.9210
ENS $21.6903
MKR $2126.5962
WEMIX $2.0704
APEX $2.3723
BTC $56772.0455
ETH $3229.2692
BNB $393.0365
SOL $106.6536
stETH $3224.6597
XRP $0.5621
ADA $0.6137
AVAX $38.6261
DOGE $0.0960
TRX $0.1415
wstETH $3753.2551
DOT $8.0619
LINK $18.8685
WETH $3222.5827
MATIC $1.0217
UNI $10.5943
WBTC $56672.8182
IMX $3.2827
ICP $12.8638
BCH $296.0952
LTC $73.4211
CAKE $3.1049
LEO $4.3751
ETC $27.6986
FIL $7.7121
KAS $0.1681
RNDR $7.1714
DAI $0.9992
HBAR $0.1085
ATOM $10.9103
INJ $37.3719
VET $0.0480
TON $2.1032
OKB $51.5043
FDUSD $1.0007
LDO $3.4620
STX $3.0518
XMR $133.5710
ARB $1.8885
XLM $0.1189
GRT $0.2844
TIA $16.9400
NEAR $3.9210
ENS $21.6903
MKR $2126.5962
WEMIX $2.0704
APEX $2.3723
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • New HinataBot botnet uses vulnerabilities in network equipment to carry out DDoS attacks

    In a recent report from Akamai, experts revealed a new Golang-based botnet called HinataBot. The botnet uses known vulnerabilities to compromise routers and servers in order to organize massive DDoS attacks.

    Among the methods used to distribute malware are the exploitation of open Hadoop YARN servers, as well as vulnerabilities in Realtek SDK (CVE-2014-8361) and Huawei HG532 routers (CVE-2017-17215).

    Old unpatched vulnerabilities and weak credential protection have become easy prey for attackers. After all, they found a documented entry point that does not require complex social engineering tactics and the like.

    The attackers behind HinataBot are said to have been active since at least December 2022. But first they used the Mirai malware in their attacks, and only then, starting on January 11, 2023, they switched to malware of their own design.

    Since the first discovery of HinataBot, Akamai experts have also found several more variations of the malware, but fresher. In them, experts found more modular functionality and additional security measures. All this indicates that HinataBot is still in the active development stage.

    HinataBot, like other similar DDoS botnets, is capable of contacting a C2 server to receive instructions and initiate attacks on targeted IP addresses within a given time.

    While early versions of the botnet used protocols such as HTTP, UDP, TCP, and ICMP to carry out DDoS attacks, the latest iteration is limited to HTTP and UDP only. Why exactly the other two protocols ceased to be involved is unknown. Maybe the authors of the malware are just experimenting.

    Akamai researchers conducted a number of HinataBot tests and, according to their calculations, in a real attack involving 10,000 bots, the maximum UDP flood rate will exceed 3.3 terabits per second (Tbps), which will lead to a powerful volumetric attack. An HTTP flood will generate approximately 27 gigabits per second (Gbps) of traffic.

    “Attackers used the Go language to take advantage of its high performance, ease of multithreading, multi-architecture support, and operating system cross-compilation, but also likely because Go complicates compilation and makes reverse engineering difficult,” Akamai said.
    Author DeepWeb
    Grouping BianLian excluded encryption from the chain of attacks
    Crown Resorts gambling company had their data lost by hackers

    Comments 0

    Add comment