Enemybot malware expands its arsenal by exploiting well-known vulnerabilities
Enemybot malware expands its arsenal by exploiting well-known vulnerabilities
Threat Level
Attack Report
For a detailed advisory, download the pdf file here
Summary
EnemyBot, a Mirai-based botnet, is expanding its arsenal by exploiting well-known vulnerabilities in log4j, VMware workspace, Spring Framework, and others. Keksec, also known as Nero and Freakout, is the threat actor behind EnemyBot. Since 2016, this group has been known for crypto-mining and distributed denial-of-service (DDoS) attacks.