BTC $55865.7639
ETH $3222.4858
BNB $400.6682
SOL $110.6842
XRP $0.5548
ADA $0.6230
AVAX $39.2767
DOGE $0.0896
TRX $0.1404
wstETH $3751.1765
LINK $19.0474
DOT $8.0594
WETH $3236.9354
MATIC $1.0625
UNI $10.5983
WBTC $55965.3668
IMX $3.3901
ICP $13.0143
BCH $300.6764
LTC $74.8911
CAKE $3.2355
FIL $8.1517
ETC $28.1561
RNDR $7.4096
KAS $0.1718
DAI $0.9979
HBAR $0.1117
ATOM $11.3293
VET $0.0491
INJ $36.5642
TON $2.1072
OKB $51.3395
LDO $3.5443
FDUSD $1.0015
STX $3.0723
ARB $1.9162
NEAR $4.0168
XMR $131.7677
TIA $17.0755
XLM $0.1186
GRT $0.2823
ENS $22.2643
THETA $2.1117
MKR $2155.4331
WEMIX $2.1023
APEX $2.4575
BEAM $0.0357
BTC $55865.7639
ETH $3222.4858
BNB $400.6682
SOL $110.6842
XRP $0.5548
ADA $0.6230
AVAX $39.2767
DOGE $0.0896
TRX $0.1404
wstETH $3751.1765
LINK $19.0474
DOT $8.0594
WETH $3236.9354
MATIC $1.0625
UNI $10.5983
WBTC $55965.3668
IMX $3.3901
ICP $13.0143
BCH $300.6764
LTC $74.8911
CAKE $3.2355
FIL $8.1517
ETC $28.1561
RNDR $7.4096
KAS $0.1718
DAI $0.9979
HBAR $0.1117
ATOM $11.3293
VET $0.0491
INJ $36.5642
TON $2.1072
OKB $51.3395
LDO $3.5443
FDUSD $1.0015
STX $3.0723
ARB $1.9162
NEAR $4.0168
XMR $131.7677
TIA $17.0755
XLM $0.1186
GRT $0.2823
ENS $22.2643
THETA $2.1117
MKR $2155.4331
WEMIX $2.1023
APEX $2.4575
BEAM $0.0357
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Botnet MyloBot is rapidly spreading around the world

    More than 50,000 computers are infected with malware every day.

    A sophisticated botnet network known as MyloBot has compromised thousands of systems, most of which are located in India, the US, Indonesia and Iran. According to BitSight, there are currently more than 50,000 unique infected systems every day. When, for the whole of 2020, MyloBot hit only 250,000 hosts.

    MyloBot was first discovered in 2017 and documented by Deep Instinct in mid-2018. In November of the same year, experts from Lumen Black Lotus Labs described the botnet as follows: “What makes MyloBot dangerous is its ability to download and execute any payload after infecting a host. This means that at any time it can download any other type of malware the attacker desires.”

    Last year, malware was seen sending emails from jailbroken devices with malicious ransomware attachments.

    MyloBot is known to use a multi-step sequence to unpack and launch a malicious bot. It is noteworthy that for two weeks after the launch, the malware does not take exactly any action. It contacts the C2 server only after this time has elapsed in order to bypass detection by antivirus systems.

    The main function of the botnet is to establish a connection with the prescribed C2 server and wait for further instructions from it. “When Mylobot receives instructions from the C2 server, it turns the infected computer into a proxy. An infected machine can handle multiple connections and relay traffic,” BitSight said.

    When analyzing the infrastructure of MyloBot, experts found connections to the BHProxies residential proxy service, which is used by the compromised machines.

    Researchers from BitSight said that MyloBot, which has changed a lot since its inception, still has development potential. Over time, the botnet is likely to get even more features and various measures from detection, and will also grow the base of infected hosts even more rapidly. All this makes MyloBot one of the most dangerous botnets in the world.

    Author DeepWeb
    16 packages with cryptominers found in the NPM repository
    VMware fixes critical vulnerability in its Carbon Black App Control product

    Comments 0

    Add comment