07 December 2023

EnemyBot malware adds enterprise flaws to exploit arsenal

The botnet malware EnemyBot has added exploits to its arsenal, allowing it to infect and spread from enterprise-grade gear.
Full timeThe owner of the EnemyBot code repository on GitHub describes themselves as a "full time malware dev" who can be tapped up by others for contract work, according to Alien Labs.
Once inside a hijacked machine, EnemyBot will automatically scan for additional vulnerable devices while also awaiting commands from its C&C.
"However due to the authors' rapid updates, this botnet has the potential to become a major threat for IoT devices and web servers.
Alien Labs recommends enterprises reduce the exposure of Linux servers and IoT devices to the internet, use properly configured firewalls, enable automatic updates, and monitor network traffic.