8220 Gang Cloud Botnet infected 30,000 host globally
Security Affairs
JULY 21, 2022
The 8220 group has been active since at least 2017, the threat actors are Chinese-speaking and the names of the group come from the port number 8220 used by the miner to communicate with the C2 servers. The latest versions of the infection script use block lists to avoid infecting specific hosts, such as researcher honeypots. .
Let's personalize your content