Cybersecurity researchers have released new warnings about the EnemyBot malware, which reportedly borrows code from botnets such as Mirai, Qbot, and Zbot. The rapidly evolving tool functions as IoT malware and targets content management systems (CMS) web servers and Android devices. Security researchers believe that the bot might be the work of a threat actor group known as Keksec. AT&T Alien Labs released a post regarding the bot, stating that is has targeted popular services such as VMware Workspace, Adobe ColdFusion, WordPress, PHP Scriptcase, and more.
AT&T stated that the Keksec group distributes the malware by specifically targeting IoT devices and Linux machines. The EnemyBot is not the only botnet in Keksec’s arsenal, as the group dates back to 2016 and has deployed many…
Source link
