More than a dozen n-day exploits for various IoT devices, including Netgear and Zyxel products, have been used to gain initial access, an analysis from Black Lotus Labs revealed. The targeted devices then establish C2 communications, which determine whether the bot is usable for the proxy network, before eventually being connected to the NSOCKS proxy service. The analysis also found that the NSOCKS proxy network lacks security defenses, which has allowed even non-paying threat actors to exploit discoverable proxies in distributed denial-of-service, phishing, and credential stuffing attacks.
Source: SC Magazine