FortiGuard Labs Threat Research
New Rust Botnet "RustoBot" is Routed via Routers
FortiGuard Labs recently discovered a new botnet propagating through TOTOLINK devices. Learn more about this malware targeting these devices.
FortiGuard Labs Threat Research
New “Goldoon” Botnet Targeting D-Link Devices
FortiGuard Labs discovered the new botnet “Goldoon” targeting D-Link devices through related vulnerability CVE-2015-2051. Learn more.
FortiGuard Labs Threat Research
OriginBotnet Spreads via Malicious Word Document
FortiGuard Labs detected a Word doc with a malicious URL, leading to a 400MB loader, distributing OriginBotnet, RedLine Clipper, and AgentTesla. Learn more.
FortiGuard Labs Threat Research
Condi DDoS Botnet Spreads via TP-Link's CVE-2023-1389
FortiGuard Labs encountered recent samples of a DDoS-as-a-service botnet calling itself Condi. It attempted to spread by exploiting TP-Link Archer AX21 (AX1800) routers vulnerable to CVE-2023-1389, which was disclosed in mid-March of this year. Read more.
FortiGuard Labs Threat Research
AndoryuBot – New Botnet Campaign Targets Ruckus Wireless Admin Remote Code Execution Vulnerability (CVE-2023-25717)
FortiGuard Labs details how a unique botnet leverages a Ruckus vulnerability and examines its behavior once inside an infected device. Learn more.
FortiGuard Labs Threat Research
2022 IoT Threat Review
FortiGuard Labs continuously monitors the IoT botnet threat landscape for new and emerging campaigns. Read our blog with insights into malware campaigns that have been actively targeting IoT devices for infection.
FortiGuard Labs Threat Research
GoTrim: Go-based Botnet Actively Brute Forces WordPress Websites
FortiGuard Labs encountered an unreported CMS scanner and brute forcer written in the Go programming language. Read our analysis of the malware and how this active botnet scans and compromises websites.
FortiGuard Labs Threat Research
Warning: GRIM and Magnus Android Botnets are Underground
Since the beginning of 2022, there are more Android botnet newcomers. FortiGuard Labs has seen two new banking botnets: GRIM and Magnus. Read our blog to find out more.
FortiGuard Labs Threat Research
Android/Bianlian Botnet Trying to Bypass Photo TAN Used for Mobile Banking
FortiGuard Labs has been closely investigating the Android BianLian botnet (also known as Hydra). Although it emerged in 2018, it is still alive in 2022. Our blog provides a brief analysis as well as its new tricks.
FortiGuard Labs Threat Research
Enemybot: A Look into Keksec's Latest DDoS Botnet
FortiGuard Labs observed a new DDoS botnet calling itself “Enemybot” and attributing itself to the Keksec threat group. Read our blog to learn its methods of obfuscation, how it leverages vulnerabilities to infect devices, and executes commands once inside an infected device.
