BPDoxS

BPDoxS

Share

Building a Safer Digital Landscape: Comprehensive Cybersecurity Solutions for Your Business

Photos from BPDoxS's post 19/09/2023

🌐💻 Navigating the Digital Storm: How COVID-19 Rewrote the Rules of Cyber Crime 🦠🔒

29/03/2023

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service (DDoS) attacks.

"The malware binaries appear to have been named by the malware author after a character from the popular anime series, Naruto, with file name structures such as Hinata--, Akamai said.

Among the methods used to distribute the malware are the exploitation of exposed Hadoop YARN servers and security flaws in Realtek SDK devices (CVE-2014-8361)and Huawei HG532 routers (CVE-2017-17215, CVSS score: 8.8).

Since then, newer artifacts have been detected in Akamai's HTTP and SSH honeypots as recently as this month, packing in more modular functionality and added security measures to resist analysis. This indicates that HinataBot is still in active development and evolving.

The malware, like other DDoS botnets of its kind, is capable of contacting a command-and-control (C2) server to listen for incoming instructions and initiate attacks against a target IP address for a specified duration.

While early versions of the botnet utilized protocols such as HTTP, UDP, TCP, and ICMP to carry out DDoS attacks, the latest iteration is limited to just HTTP and UDP. It's not immediately known why the other two protocols were axed.

Akamai, which conducted 10-second attack tests using HTTP and UDP, revealed that the HTTP flood generated 3.4 MB of packet capture data and pushed 20,430 HTTP requests. The UDP flood, on the other hand, created 6,733 packets for a total of 421 MB of packet capture data.

Besides being used as distractions to conceal extortion and data theft, DDoS attacks are also expected to rise due to the arrival of new malware strains that are capable of targeting IoT devices and taking over accounts to gain unauthorized access to resources.

Want your business to be the top-listed Computer & Electronics Service in Patiala?
Click here to claim your Sponsored Listing.

Telephone

Address


Patiala
147001