Minecraft servers targeted by cross-platform DDoS botnet

Private Minecraft servers are being targeted by the novel cross-platform botnet MCCrash, which could facilitate distributed denial-of-service attacks, according to The Hacker News. Linux-based devices could also be impacted by the MCCrash botnet due to its unique distribution mechanism, a Microsoft report showed. "The botnet spreads by enumerating default credentials on internet-exposed Secure Shell (SSH)-enabled devices. Because IoT devices are commonly enabled for remote configuration with potentially insecure settings, these devices could be at risk to attacks like this botnet," said Microsoft, which has been tracking MCCrash activity under DEV-1028. Most servers impacted by MCCrash were in Russia but servers in Ukraine, Belarus, Kazakhstan, Czechia, India, Uzbekistan, Nigeria, Cameroon, Indonesia, Columbia, Italy, and Mexico have also been compromised. "This type of threat stresses the importance of ensuring that organizations manage, keep up to date, and monitor not just traditional endpoints but also IoT devices that are often less secure," Microsoft said.