Recently, FortiGuard Labs captured a suspicious email. After analysis, we discovered that it was spreading the malware TrickBot. Read on to learn more.
Fortinet's quarterly Global Threat Landscape Report reveals threats are increasing and evolving to become more sophisticated. Unique threat variants and families are on the rise, while botnet infections continue to affect organizations.
The FortiGuard Labs team recently discovered a new platform offering a DDoS-for-hire service called “0x-booter.” First appearing on October 17, 2018, 0x-booter is available to anyone who signs up on the website. As shown in the following figures, this service comes with an explicitly defined user interface which enables practically anyone to learn and use the service.
IoT and 5G are important technological achievements that are changing the world. However, this optimism needs to be tempered with clear thinking and planning if we want to keep up with the consequent evolution of the threat landscape happening at the same time.
In February 2018, several Russian nuclear scientists were arrested for allegedly mining cryptocurrencies using computing resources located at a Russian nuclear warhead facility. Globally, cryptominers are rapidly increasing and spreading for an obvious reason: it’s lucrative.
At FortiGuard Labs we were interested in searching out other malware that leverages Mirai code modules. Interestingly, one of the families that showed up in our search was the Hide ‘N Seek (HNS) bot, which was discovered in January of 2018. HNS is a complex botnet that uses P2P to communicate with peers/other infected devices to receive commands. In this article, I will discuss how the Mirai bot code was used in this HNS bot.
Educational institution networks continue to be a favorite playground for cybercriminals. Because of the age and interests of the majority of educational users, these networks tend to incorporate cutting edge technologies and strategies.
The first Okiru sample appeared around October 2017, and FortiGuard Labs created a write-up of its development last December, which included worm capabilities and the embedding of two different exploits. As a follow-up, we will now share our findings on the latest Okiru variant that targets ARC processors.