Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

New Python-based Hacking Tool Unleashed

January 12, 2024
Reading Time: 3 mins read
in Alerts

In the realm of cybersecurity threats, a new Python-based hacking tool named FBot has emerged, targeting a wide range of digital domains, including web servers, cloud services, content management systems (CMS), and notable SaaS platforms like AWS, Microsoft 365, PayPal, Sendgrid, and Twilio. The tool, recently uncovered by SentinelOne security researcher Alex Delamotte, boasts features such as credential harvesting for spamming attacks, tools for hijacking AWS accounts, and capabilities to launch attacks on PayPal and various SaaS accounts. Unlike its counterparts AlienFox, GreenBot, Legion, and Predator, FBot stands out by not sharing source code from AndroxGh0st, although it does exhibit similarities with Legion. Its primary objective is to compromise cloud, SaaS, and web services, obtaining initial access and monetizing it by selling the acquired access to other malicious actors.

FBot’s functionality extends beyond the conventional hacking toolkit, offering the generation of API keys for AWS and Sendgrid, random IP address generation, reverse IP scanning, and validation of PayPal accounts and associated email addresses. Notably, it employs a unique method of initiating PayPal API requests through a Lithuanian fashion designer’s retail sales website. The malware also possesses AWS-specific features to inspect AWS Simple Email Service (SES) email configurations and ascertain the targeted account’s EC2 service quotas. The Twilio-related functionality aids in gathering specifics about the account, including balance, currency, and linked phone numbers. FBot’s capabilities further include extracting credentials from Laravel environment files, showcasing its sophistication and multifaceted approach to cyber intrusion.

SentinelOne’s investigation reveals that FBot samples have been active in the wild since July 2022, with evidence suggesting ongoing usage as recently as the current month. While the tool’s distribution method and maintenance status remain unknown, Delamotte suggests that FBot may be a product of private development work, possibly distributed through smaller-scale operations. This aligns with a broader trend in the cybersecurity landscape, where bespoke “private bots” are tailored for individual buyers, resembling the modus operandi observed in AlienFox builds. The emergence of FBot underscores the evolving nature of cyber threats and the continuous efforts required to stay ahead in the cybersecurity landscape.

Reference:
  • Exploring FBot | Python-Based Malware Targeting Cloud and Payment Services
Tags: Cyber AlertCyber Alerts 2024Cyber RiskCyber threatFBotJanuary 2024PythonTools
ADVERTISEMENT

Related Posts

Glibc Flaw Gives Linux Root Access Risk

Mozilla Urgent Firefox Patch Fixes RCE Flaws

May 19, 2025
Fileless Remcos RAT Delivery Via LNK Files

ModiLoader Malware Targets Windows Users

May 19, 2025
Glibc Flaw Gives Linux Root Access Risk

Glibc Flaw Gives Linux Root Access Risk

May 19, 2025
Fileless Remcos RAT Delivery Via LNK Files

APT28 RoundPress Webmail Hack Steals Emails

May 16, 2025
Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

May 16, 2025
Fileless Remcos RAT Delivery Via LNK Files

Fileless Remcos RAT Delivery Via LNK Files

May 16, 2025

Latest Alerts

Mozilla Urgent Firefox Patch Fixes RCE Flaws

ModiLoader Malware Targets Windows Users

Glibc Flaw Gives Linux Root Access Risk

Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

APT28 RoundPress Webmail Hack Steals Emails

Subscribe to our newsletter

    Latest Incidents

    Massive DDoS Hits Poland’s Civic Platform

    Arla Plant Cyberattack Halts Operations

    Georgia’s Harbin Clinic Hit by Data Breach

    Hackers Target Swiss Reserve Power Plant

    Coinbase Insider Attack Exposed User Data

    Cyberattack Hits J Batista Group

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial