Threat Intelligence, IoT

Global attacks of novel Gorilla botnet exceed 300K

Share
botnet bot-net computer virus

More than 300,000 distributed denial-of-service attacks have been deployed by the novel Gorilla botnet, also known as GorillaBot, against organizations in the telecommunications, banking, education, government, gaming, and gambling industries across over 100 countries between September 4 and September 27, reports The Hacker News.

China, the U.S., Canada, and Germany were most targeted by attacks with the Mirai source code-based Gorilla botnet, which involved the exploitation of UDP flood, Valve Source Engine flood, ACK BYPASS flood, ACK flood, and SYN flood techniques, as well as an old Apache Hadoop YARN RPC vulnerability, an analysis from NSFOCUS revealed. "[Gorilla] introduced various DDoS attack methods and used encryption algorithms commonly employed by the Keksec group to hide key information, while employing multiple techniques to maintain long-term control over IoT devices and cloud hosts, demonstrating a high level of counter-detection awareness as an emerging botnet family," said NSFOCUS researchers. On the other hand, the Gorilla botnet was noted by cybersecurity researcher Fox_threatintel to have been leveraged in attacks for more than a year.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds