FBI Alert: Beware of Androxgh0st Malware Botnet
The FBI and CISA have issued a warning about a botnet that uses the Androxgh0st malware to steal cloud credentials and deliver malicious payloads. The botnet primarily targets .env files that hold confidential information for applications such as AWS, Twilio, and Microsoft Office 365. It exploits the Simple Mail Transfer Protocol (SMTP) to deploy web shells and exploit leaked credentials. The botnet has been observed checking accounts for email limits and creating fake pages on target websites for backdoor access to sensitive data. It also uses compromised AWS credentials to scan for vulnerable targets. Organizations are advised to keep their systems up to date, review interaction requests, and check for credentials in .env files to mitigate the threat. The FBI and CISA have asked affected organizations to report any information on attacks.
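One way to act on the advice to check .env files for credentials, as an added example that is not taken from the FBI/CISA advisory: the script walks a directory tree, parses each .env file, and reports which keys hold live-looking secrets without echoing their values. The key-name hints, the placeholder list and the sample file contents are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumption: key-name fragments that usually mark a secret; tune for your stack.
SECRET_HINTS = re.compile(r"SECRET|PASSWORD|PASSWD|TOKEN|API_?KEY|ACCESS_KEY|AUTH", re.I)
# Long-term AWS access key IDs start with "AKIA" followed by 16 characters.
AWS_KEY_ID = re.compile(r"\bAKIA[0-9A-Z]{16}\b")
PLACEHOLDERS = {"", "null", "none", "changeme"}  # assumption: values treated as unset


def parse_env(text):
    """Yield (line_no, key, value) for KEY=VALUE lines, skipping comments."""
    for no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        yield no, key.strip(), value.strip().strip("'\"")


def audit_env_files(root):
    """Return (path, line_no, key, reason) findings; secret values are never returned."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name != ".env" and not name.startswith(".env."):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                for no, key, value in parse_env(fh.read()):
                    if value.lower() in PLACEHOLDERS:
                        continue
                    if AWS_KEY_ID.search(value):
                        findings.append((path, no, key, "aws-access-key-id"))
                    elif SECRET_HINTS.search(key):
                        findings.append((path, no, key, "secret-like-key"))
    return findings


def demo():
    """Audit a constructed sample tree; return the (key, reason) pairs found."""
    sample = ("APP_ENV=production\n# mail\nMAIL_PASSWORD='constructed-value'\n"
              "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\nAWS_SECRET_ACCESS_KEY=\n"
              "TWILIO_AUTH_TOKEN=changeme\n")
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "public"))
        with open(os.path.join(root, "public", ".env"), "w") as fh:
            fh.write(sample)
        return [(k, r) for _p, _n, k, r in audit_env_files(root)]
```

Point `audit_env_files` at a web root or deployment directory; any finding under a publicly served path means the credential should be rotated and the file moved out of reach of the web server.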