Russia-linked APT28 and crooks are still using the Moobot botnet
Security Affairs
MAY 3, 2024
The threat actors used the botnet harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spear-phishing landing pages and custom tools. Pawn Storm most likely easily brute forced the credentials of the backdoored SSH servers and thus gained access to a pool of EdgeRouter devices they could abuse for various purposes.”
Let's personalize your content