all InfoSec news
The Darkside of TheMoon
Malware Analysis, News and Indicators - Latest topics malware.news
Executive Summary
The Black Lotus Labs team at Lumen Technologies has identified a multi-year campaign targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices, associated with an updated version of “TheMoon” malware. TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries in January and February of 2024. As our team has discovered, the majority of these bots are used as the foundation of a notorious, cybercriminal-focused proxy …
black lotus black lotus labs bots campaign countries darkside devices end end-of-life eol executive february home iot iot devices january labs life lumen lumen technologies malware office routers soho targeting team technologies version