BTC $58270.6324
ETH $3301.4664
BNB $400.6794
SOL $110.0515
XRP $0.5824
ADA $0.6271
AVAX $39.6830
DOGE $0.0970
TRX $0.1429
wstETH $3808.1443
DOT $8.3586
LINK $19.1334
WETH $3305.4834
MATIC $1.0428
UNI $11.0186
WBTC $57881.0446
IMX $3.3465
ICP $13.0316
BCH $301.2119
LTC $74.8427
CAKE $3.2026
ETC $28.3635
FIL $7.9610
LEO $4.4139
RNDR $7.4060
KAS $0.1700
HBAR $0.1136
DAI $1.0002
ATOM $11.3163
INJ $41.0291
VET $0.0502
TON $2.1419
OKB $51.8401
STX $3.2222
LDO $3.5190
FDUSD $0.9951
XMR $138.3902
XLM $0.1221
ARB $1.8935
NEAR $3.9358
TIA $16.9317
GRT $0.2829
WEMIX $2.2582
ENS $22.5313
MKR $2167.8555
APEX $2.4646
THETA $1.9298
BTC $58270.6324
ETH $3301.4664
BNB $400.6794
SOL $110.0515
XRP $0.5824
ADA $0.6271
AVAX $39.6830
DOGE $0.0970
TRX $0.1429
wstETH $3808.1443
DOT $8.3586
LINK $19.1334
WETH $3305.4834
MATIC $1.0428
UNI $11.0186
WBTC $57881.0446
IMX $3.3465
ICP $13.0316
BCH $301.2119
LTC $74.8427
CAKE $3.2026
ETC $28.3635
FIL $7.9610
LEO $4.4139
RNDR $7.4060
KAS $0.1700
HBAR $0.1136
DAI $1.0002
ATOM $11.3163
INJ $41.0291
VET $0.0502
TON $2.1419
OKB $51.8401
STX $3.2222
LDO $3.5190
FDUSD $0.9951
XMR $138.3902
XLM $0.1221
ARB $1.8935
NEAR $3.9358
TIA $16.9317
GRT $0.2829
WEMIX $2.2582
ENS $22.5313
MKR $2167.8555
APEX $2.4646
THETA $1.9298
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Glupteba botnet revived


    Researchers at the information security company Nozomi said that the botnet is conducting a new large-scale Glupteba campaign, which began in June 2022 and is still ongoing.

    In December 2021, Google managed to cause significant damage to the botnet's activities, as well as file a lawsuit against two Russian citizens who were in charge of Glupteba. Last month, a US court ruled in favor of the tech giant.

    Glupteba continues to use the blockchain in the same way, so analysts scanned the entire blockchain to find hidden C&C server domains.

    Experts studied 1,500 Glupteba samples uploaded to VirusTotal to extract wallet addresses and decrypt transaction payload data using malware-related keys.

    Nozomi's investigation revealed 15 bitcoin addresses used in 4 Glupteba campaigns, the last of which started in June 2022 and is still ongoing. This campaign uses more bitcoin addresses than previous operations, making the botnet even more resilient. The most productive bitcoin address had 11 transactions and 1197 samples, and its last activity was recorded on November 8, 2022.

    In addition, the number of hidden TOR services used as C&C servers has increased 10 times compared to the 2021 campaign due to a similar reservation approach. Nozomi also reports that botnet operators registered many new Glupteba domains on November 22.

    The Glupteba botnet is back and more destructive as well as more resilient, creating a large number of fallback addresses to resist infrastructure takeover by researchers and law enforcement.

    Author DeepWeb
    Craving and how to deal with it
    SentinelOne collects sensitive developer data

    Comments 0

    Add comment