HEH, a new IoT P2P Botnet going after weak telnet services

By Sofia C.

October 7, 2020

Recently, the 360Netlab threat detection system captured a batch of unknown samples. The samples support a broad range of CPU architectures, including x86 (32/64), ARM (32/64), MIPS (MIPS32/MIPS-III) and PPC. The malware spreads by brute-forcing the Telnet service on ports 23/2323, which means the bot does not really care what the end devices are: as long as it can get into a device, it will try its luck at infecting it. The botnet is written in Go and uses a proprietary P2P protocol; we named it HEH Botnet.

According to 360Netlab, the operating mechanism of this botnet is not yet mature, as some important functions, such as the attack module, have not yet been implemented. The P2P implementation also still has flaws: the bot does maintain a peer list internally, and there is ongoing Ping<–>Pong communication between peers, but the botnet as a whole is still considered centralized, because bot nodes currently cannot send control commands. In addition, the mechanism of carrying the sample itself through the local HTTP server is not very pretty. That said, the new and developing P2P structure, the multiple CPU architecture support and the embedded self-destruction feature all make this botnet potentially dangerous.
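For defenders, the Telnet brute-force propagation on ports 23/2323 described above shows up in connection logs in two ways: a local device suddenly contacting many outside hosts on those ports, and an outside host hammering one local Telnet service. The following is an added example, not code from 360Netlab or from this page; the log format, the `192.168.1.0/24` local network, the thresholds and the sample records are all constructed assumptions.

```python
import ipaddress
from collections import Counter, defaultdict

TELNET_PORTS = {23, 2323}                          # ports named in the article
INTERNAL = ipaddress.ip_network("192.168.1.0/24")  # assumed local network
# Constructed connection-attempt records: timestamp src dst dst_port
SAMPLE = """\
2020-10-07T10:00:01 192.168.1.50 203.0.113.10 23
2020-10-07T10:00:01 192.168.1.50 203.0.113.11 2323
2020-10-07T10:00:02 192.168.1.50 203.0.113.12 23
2020-10-07T10:00:02 192.168.1.50 203.0.113.13 23
2020-10-07T10:00:03 192.168.1.50 203.0.113.14 2323
2020-10-07T10:01:00 192.168.1.20 203.0.113.99 23
2020-10-07T10:02:00 192.168.1.20 203.0.113.99 443
2020-10-07T10:03:00 198.51.100.7 192.168.1.60 23
2020-10-07T10:03:01 198.51.100.7 192.168.1.60 23
2020-10-07T10:03:02 198.51.100.7 192.168.1.60 23
2020-10-07T10:03:03 198.51.100.7 192.168.1.60 2323
2020-10-07T10:03:04 198.51.100.7 192.168.1.60 23
garbled line
"""

def parse(text):
    """Yield (src, dst, port) for well-formed records; skip anything else."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue
        try:
            yield ipaddress.ip_address(fields[1]), ipaddress.ip_address(fields[2]), int(fields[3])
        except ValueError:
            continue

def analyze(text, min_targets=4, min_attempts=5):  # illustrative thresholds
    fanout = defaultdict(set)   # internal src -> distinct external Telnet targets
    inbound = Counter()         # (external src, internal dst) -> attempt count
    for src, dst, port in parse(text):
        if port not in TELNET_PORTS:
            continue
        if src in INTERNAL and dst not in INTERNAL:
            fanout[str(src)].add(str(dst))
        elif src not in INTERNAL and dst in INTERNAL:
            inbound[(str(src), str(dst))] += 1
    spreaders = sorted(s for s, t in fanout.items() if len(t) >= min_targets)
    brute = sorted(k for k, n in inbound.items() if n >= min_attempts)
    return spreaders, brute

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

A device flagged as a spreader is a candidate for isolation and reflashing; a device under inbound brute force should have Telnet disabled or filtered and its default credentials changed.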


Source: 360NetLab

Tags: Alerts, Botnet, HEH, P2P, Telnet