Close Menu
Indo Guard OnlineIndo Guard Online
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
What's Hot

Google exposes Vishing Group UNC6040 target on Salesforce with a fake app for a data loader

June 4, 2025

Malicious Chaos Rats are aimed at Windows and Linux via fake network downloads

June 4, 2025

Why do traditional DLP solutions do not get in the browser era

June 4, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Indo Guard OnlineIndo Guard Online
Subscribe
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
Indo Guard OnlineIndo Guard Online
Home » Experts reveal a new XordDOS controller, infrastructure because malicious programs are expanding to DoCar, Linux, IoT
Global Security

Experts reveal a new XordDOS controller, infrastructure because malicious programs are expanding to DoCar, Linux, IoT

AdminBy AdminApril 18, 2025No Comments2 Mins Read
New XorDDoS Controller, Infrastructure
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link


April 18, 2025Red LakshmananIoT / malicious software safety

New XordDos controller, infrastructure

Cybersecurity researchers warn of the constant risks provided by distributed malicious software refusal (DDOS) XorddosFrom 71.3 percent of the attacks between November 2023 and February 2025, sent to the US.

“From 2020 to 2023, Trojan Xorddos has increased significantly in prevalence,” Cisco Talos Joey researcher – Note In the Thursday analysis.

Cybersecurity

“This trend is not only due to the widespread global distribution of the Triana XordDOS, but also to the impact on the malicious DNS-related and control (C2).

Almost 42 percent of compromised devices are located in the US, then Japan, Canada, Denmark, Italy, Morocco and China.

XordDos is a well-known malicious software that has the results of bright Linux systems for over ten years. In May 2022 Microsoft report A significant surge of XordDOS activity, with infections opening the path to malware for cryptocurrency mining, such as tsunami.

The primary original access path provides for safe shells (SSH) to get valid SSH credentials and then download and install malicious software on vulnerable IoT and other internet -related devices.

After successful installation, the malicious software creates persistence using a built -in initialization script and Cron’s assignment to run automatically when running the system. It also uses the XOR “BB2Fa36AAAAAAA9541F0” key to decrypt the configuration that is present inside itself to get the IP -ADRAPS required to communicate C2.

Cybersecurity

Thalas said it was observed in 2024. The new version of the XordDos Current, called VIP -versionAnd its relevant central controller, as well as a builder indicating that the product is probably advertised for sale.

The Central Controller is responsible for managing several XordDOS -controlled XordDos and at the same time sending DDOS commands. Each of these undercurrent, in turn, is commanding botnet infected devices.

“The settings of the multilayer controller, the Builder XordDOS and the controller’s tie are strongly indicating that operators are Chinese,” Chen said.

Found this article interesting? Keep track of us further Youter  and LinkedIn To read more exclusive content we publish.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Admin
  • Website

Related Posts

Google exposes Vishing Group UNC6040 target on Salesforce with a fake app for a data loader

June 4, 2025

Malicious Chaos Rats are aimed at Windows and Linux via fake network downloads

June 4, 2025

Why do traditional DLP solutions do not get in the browser era

June 4, 2025

Packages malicious Pypi, NPM and Rubin

June 4, 2025

HPE releases security patch for Storeonce error, which allows by -by -distance authentication

June 4, 2025

Fake Docusign, Gitcode Sites Distributed Netsupport Rat Through Multiple Attack PowerShell

June 3, 2025
Add A Comment
Leave A Reply Cancel Reply

Loading poll ...
Coming Soon
Do You Like Our Website
: {{ tsp_total }}

Subscribe to Updates

Get the latest security news from Indoguardonline.com

Latest Posts

Google exposes Vishing Group UNC6040 target on Salesforce with a fake app for a data loader

June 4, 2025

Malicious Chaos Rats are aimed at Windows and Linux via fake network downloads

June 4, 2025

Why do traditional DLP solutions do not get in the browser era

June 4, 2025

Packages malicious Pypi, NPM and Rubin

June 4, 2025

HPE releases security patch for Storeonce error, which allows by -by -distance authentication

June 4, 2025

Fake Docusign, Gitcode Sites Distributed Netsupport Rat Through Multiple Attack PowerShell

June 3, 2025

Critical 10-year Error Webmail RoundCube allows users to run the malicious code

June 3, 2025

Understanding the scammers and how to defend their organization

June 3, 2025
About Us
About Us

Provide a constantly updating feed of the latest security news and developments specific to Indonesia.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

Google exposes Vishing Group UNC6040 target on Salesforce with a fake app for a data loader

June 4, 2025

Malicious Chaos Rats are aimed at Windows and Linux via fake network downloads

June 4, 2025

Why do traditional DLP solutions do not get in the browser era

June 4, 2025
Most Popular

In Indonesia, crippling immigration ransomware breach sparks privacy crisis

July 6, 2024

Why Indonesia’s Data Breach Crisis Calls for Better Security

July 6, 2024

Indonesia’s plan to integrate 27,000 govt apps in one platform welcomed but data security concerns linger

July 6, 2024
© 2025 indoguardonline.com
  • Home
  • About us
  • Contact us
  • Privacy Policy

Type above and press Enter to search. Press Esc to cancel.