tennysont | 1 month ago

I couldn't really follow the technical details of the malware from the article, so I found what seems to be the first major report on the topic:

https://blog.xlab.qianxin.com/kimwolf-botnet-en/#network-pro...

That article has a more technical lens. It focuses primarily on the size and detection evasion methods of Kimwolf, rather than some notable (and definitely not unique) method of spreading.

Without looking too deeply, I'm going to assume that this is a successful botnet because it managed to get into product supply lines at big box stores and in app store games, rather than some clever virus that is spreading across the world.

I hope someone will correct me if I am mistaken!

VladVladikoff | 1 month ago

What’s the deal with that seemingly random address written out as a domain name? Brian Krebs’s home address?

14 emelia terrace west roxbury ma 02132 . su

As for your assumption, the OP talks about how it uses residential proxies to get into LANs; I don’t think it is a supply chain attack.