Russia-linked APT28 and crooks are still using the Moobot botnet
Security Affairs
MAY 3, 2024
The analysis of memory dumps and command-and-control connections revealed that the botnet is running a variant of the Ngioweb malware. Pawn Storm most likely easily brute forced the credentials of the backdoored SSH servers and thus gained access to a pool of EdgeRouter devices they could abuse for various purposes.”
Let's personalize your content