Water Barghest Botnet Comprised 20,000+ IoT Devices By Exploiting Vulnerabilities

20 November 2024

Water Barghest, a sophisticated botnet, exploits vulnerabilities in IoT devices to enlist them in a residential proxy marketplace by leveraging automated scripts to identify vulnerable devices from public databases like Shodan. When the device is compromised, the Ngioweb malware is installed in a stealthy manner, thereby establishing a connection to command-and-control servers. The infected device is rapidly registered as a proxy, often within 10 minutes, enabling immediate monetization through the proxy marketplace, which highlights the significant threat posed by Water Barghest to IoT security. Automation by Water Barghest It automates the process of exploiting vulnerable IoT devices, starting with acquiring n-day or zero-day exploits by using Shodan to identify vulnerable devices and their IP addresses, then launches attacks using data-center IP addresses.

Source: GBHackers

Date:

20 November 2024

Categorie(s):

NEWS

Tag(s):

Cybersecurity Threats, Devices, Malware, Security Pro, Vulnerability

“Sad announcement” email leads to tech support scam20 November 2024
D-Link tells users to trash old VPN routers over bug too dangerous to identify20 November 2024
ANY.RUN Sandbox Now Automates Interactive Analysis of Complex Cyber Attack Chains20 November 2024
Custom Workflows for Cybersecurity Incident Reporting and Tracking20 November 2024
Water Barghest Botnet Comprised 20,000+ IoT Devices By Exploiting Vulnerabilities20 November 2024