Subj : Botnet activity surges as criminals get braver - can your busines
To   : All
From : TechnologyDaily
Date : Tue Jan 16 2024 14:45:05

Botnet activity surges as criminals get braver - can your business stand 
strong?

Date:
Tue, 16 Jan 2024 14:34:58 +0000

Description:
More than a million devices were scanning the internet at one point, looking 
for open ports and vulnerable servers.

FULL STORY
======================================================================

Experts have warned malicious botnets are on the rise as researchers observe 
massive spikes in the activity of distinct, potentially compromised devices. 

A report from the NETSCOUT ASERT team claims that at one point, a million 
devices were engaged in malicious reconnaissance scanning, a hundred times 
the usual levels. 

Usually, around 10,000 devices are engaged in the scanning daily, with the 
20,000 figure being the high water mark. However, in early December 2023, the 
number spiked to 35,144. Two weeks later, on December 20, the figure rose 
even further, to 43,194. On other days, things returned to normal. Nine days 
later, however, the researchers observed the biggest spike yet seen, hitting 
143,957 distinct devices. Ports and servers 

This massive spike is evidence of increased botnet scanning activity, 
especially since levels have remained high since this time, with the high 
water marks of normally 20,000 now settling in the level of 50,000 - 100,000, 
the researchers said. The trend continued into the new year, with spikes on 
January 5 and 6 exceeding a million devices. 

The surge came from just five countries, the researchers further explained: 
The United States, China, Vietnam, Taiwan, and Russia. Threat actors were 
mostly using cheap, or free, cloud and hosting servers, to create botnet 
launch pads. These servers are used via trials, free accounts, or low-cost 
accounts, which provide anonymity and minimal overhead to maintain, they 
explained. 

The botnets are used to scan the global internet via specific ports, in 
search of possible vulnerabilities. The ports are: 

 80

 443

 3389

 5060

 6881

 8000

 8080

 8081

 808

 8888

 and others. 

Threat actors could also be hunting for potential email server exploits, as 
they were also seen scanning ports 636, 993, and 6002, the researchers 
concluded. More from TechRadar Pro Stealthy new botnet targets VPN devices 
and routers while staying disguised Here's a list of the best firewalls 
around today These are the best endpoint security tools right now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/botnet-activity-surges-as-criminals-get
-braver-can-your-business-stand-strong


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.