Recherche : [netlab360]

Fodcha Is Coming Back, Raising A Wave of Ransom DDoS https://blog.netlab.360.com/fodcha-is-coming-back-with-rddos/

01/11/2022 20:46:08

Background
On April 13, 2022, 360Netlab first disclosed the Fodcha botnet. After our
article was published, Fodcha suffered a crackdown from the relevant
authorities, and its authors quickly responded by leaving "Netlab pls leave me
alone I surrender" in an updated sample.No surprise, Fodcha's authors didn't
really stop updating after the fraudulent surrender, and soon a new version was
released.

In the new version, the authors of Fodcha redesigned the communication protocol
and started to us

A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information https://blog.netlab.360.com/a-new-botnet-orchard-generates-dga-domains-with-bitcoin-transaction-information/

09/08/2022 13:07:41

DGA is one of the classic techniques for botnets to hide their C2s, attacker
only needs to selectively register a very small number of C2 domains, while for
the defenders, it is difficult to determine in advance which domain names will
be generated and registered.

Liens par page

Filtres