all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Exposing the "PDF Botnet" – An OSINT Analysis

Add to bookmarks
March 3, 2023, 5:34 p.m. | Dancho Danchev

Security Boulevard securityboulevard.com



Dear blog readers,


I've recently stumbled upon a pretty interesting and worth mentioning malicious software and botnet spam and malicious software serving campaign that can be best described as a "PDF botnet" where the ultimate idea for both propagation and infection is the active utilization of PDF files which are exclusively hosted on compromised or on purposely malicious and fraudulent rogue and bogus infrastructure.



Sample screenshots include:










Sample URLs known to have been involved in the campaign include:


hxxp:[/][/]ragaz[.]co[.]za[/]XSRYdR1H?utm_term=picsart+background+image++hd


hxxp:[/][/]www[.]lbtfilm[.]com[/]uploads[/]files[/]koxuwegemagobuwidewas[.]pdf …

analysis blog bogus botnet campaign compromised exposing files fraudulent infection infrastructure malicious malicious software osint pdf rogue screenshots software spam urls

Visit resource

More from securityboulevard.com / Security Boulevard

TikTok Ban — ByteDance Sues US to Kill Bill an hour ago | securityboulevard.com
application security appsec ban bill +39
Harnessing the Power of the Kraken: A Deep Dive into the Kraken Model of Innovation 2 hours ago | securityboulevard.com
concept deep dive digital innovation dive +7
News alert: Hunters announces full adoption of OCSF, introduces OCSF-native search 4 hours ago | securityboulevard.com
adoption advancement alert cybersecurity +18
Certificate Lifecycle Management Best Practices 7 hours ago | securityboulevard.com
best practices certificate certificate lifecycle management certificates +10
Cyber Essentials Plus Checklist for 2024 7 hours ago | securityboulevard.com
blog certification checklist controls +9
Global Cybercrime Report 2024: Which Countries Face the Highest Risk? 7 hours ago | securityboulevard.com
analytics blog can cooperation +25
NSFOCUS Secures Top Honors at RSA Conference 2024 12 hours ago | securityboulevard.com
awards blog cdm conference +27
Best API Security Product: Wallarm wins 2024 Cybersecurity Excellence Award 13 hours ago | securityboulevard.com
api api security award cyber +19
Kaseya Connect Global 2024 Day 3 Recap 17 hours ago | securityboulevard.com
connect connect global connect global 2024 cybersecurity +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

XDR Detection Engineer

@ SentinelOne | Italy
View on infosec-jobs.com

Security Engineer L2

@ NTT DATA | A Coruña, Spain
View on infosec-jobs.com

Cyber Security Assurance Manager

@ Babcock | Portsmouth, GB, PO6 3EN
View on infosec-jobs.com

Senior Threat Intelligence Researcher

@ CloudSEK | Bengaluru, Karnataka, India
View on infosec-jobs.com

Cybersecurity Analyst 1

@ Spry Methods | Washington, DC (Hybrid)
View on infosec-jobs.com

Security Infrastructure DevOps Engineering Manager

@ Apple | Austin, Texas, United States
View on infosec-jobs.com
View more jobs