Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

New GorillaBot Reigns Over DDoS Attacks

September 30, 2024
Reading Time: 2 mins read
in Alerts
New GorillaBot Reigns Over DDoS Attacks

NSFocus analysts have recently identified a new botnet called “GorillaBot,” which has swiftly established itself as a formidable player in the landscape of Distributed Denial of Service (DDoS) attacks. This botnet, a modified version of the well-known Mirai malware, has launched an unprecedented cyber-attack campaign that has issued over 300,000 commands in just 24 days, affecting a total of 113 countries. The most impacted regions include China (20% of the attacks), the United States (19%), Canada (16%), and Germany (6%). The scale and intensity of this campaign underline the growing sophistication of DDoS threats in today’s cyber landscape.

GorillaBot distinguishes itself by supporting a wide array of CPU architectures, including ARM, MIPS, x86_64, and x86. This versatility allows it to target a variety of devices, significantly broadening its attack surface. The botnet employs several DDoS attack methods, with UDP Flood accounting for 41% of its operations, followed by ACK BYPASS Flood (24%) and VSE Flood (12%). Its ability to effectively utilize these methods demonstrates a well-coordinated approach to overwhelming target systems, which often results in substantial disruption and downtime for affected organizations.

The botnet’s attack strategy includes targeting critical sectors such as universities, government websites, telecommunications, banking, and gaming platforms. GorillaBot utilizes advanced techniques to maintain control over compromised Internet of Things (IoT) devices and cloud hosts. Analysts note that it employs encryption algorithms associated with the KekSec group, enabling it to obscure vital information and enhance its evasion tactics. This level of sophistication not only complicates detection efforts but also indicates a significant evolution in the tactics used by cybercriminals.

To ensure persistence and maximize its impact, GorillaBot implements a range of mechanisms, including creating system files and scripts that facilitate automatic execution upon system startup. This includes a “custom.service” file in /etc/systemd/system/, modifications to essential files like /etc/inittab and /etc/profile, and a “mybinary” script in /etc/init.d/. By leveraging vulnerabilities such as unauthorized access through the “Hadoop Yarn RPC” function, GorillaBot poses a serious threat to the cybersecurity landscape. With its advanced capabilities and extensive attack vectors, GorillaBot is a stark reminder of the evolving and increasingly dangerous nature of cyber threats.

Reference:
  • New GorillaBot Emerges as Dominant Force in DDoS Attacks
Tags: BotnetCanadaChinaCyber AlertsCyber Alerts 2024Cyber threatsDDoSDistributed Denial of ServiceGermanyGorillaBotKeksecMirai malwareNSFocusSeptember 2024United States
ADVERTISEMENT

Related Posts

New Linux Flaws Allow Easy Root Access

New Linux Flaws Allow Easy Root Access

June 18, 2025
New Linux Flaws Allow Easy Root Access

Langflow Flaw Delivers Flodrix DDoS Botnet

June 18, 2025
New Linux Flaws Allow Easy Root Access

Google Fixes GerriScary Supply Chain Flaw

June 18, 2025
Water Curse Group Hits Developers Via GitHub

Water Curse Group Hits Developers Via GitHub

June 17, 2025
Water Curse Group Hits Developers Via GitHub

XDSpy Exploits Windows LNK Zero Day

June 17, 2025
Water Curse Group Hits Developers Via GitHub

CISA Warns Of Apple Zero Click Exploit

June 17, 2025

Latest Alerts

New Linux Flaws Allow Easy Root Access

Google Fixes GerriScary Supply Chain Flaw

Langflow Flaw Delivers Flodrix DDoS Botnet

Water Curse Group Hits Developers Via GitHub

XDSpy Exploits Windows LNK Zero Day

CISA Warns Of Apple Zero Click Exploit

Subscribe to our newsletter

    Latest Incidents

    Scania Insurance Data Stolen In Partner Hack

    Pro Israel Group Claims $81M Nobitex Hack

    Hacker Sells Data Of 1M Cock.li Users

    Zoomcar Data Breach Hits 8.4 Million Users

    Qilin Gang Leaks Asefa FC Barcelona Data

    Gunra Claims 45TB Hack On Colombia Justice

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial