TZUTC: -0500   
   MSGID: 380.consprcy@1:2320/105 2c3194ba   
   PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0   
   TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   Another huge new botnet is infecting thousands of webcams and video recorders   
   for DDoS attacks   
      
   Date:   
   Fri, 07 Mar 2025 15:25:00 +0000   
      
   Description:   
   With more than 80,000 devices, Eleven11bot is a major concern.   
      
   FULL STORY   
      
   Cybersecurity researchers say they have uncovered the biggest non-government   
   botnet in recent years.    
      
   It is called Eleven11bot, and its malware was found on more than 86,000   
   Internet of Things (IoT) devices, according to multiple research teams,   
   including Nokia, GreyNoise, and The Shadowserver Foundation.    
      
   The botnet is most likely operated by an Iranian threat actor, GreyNoise   
   reported. It found some 1,400 IPs operating the botnet, the majority of which   
   are based in the Middle Eastern country. The threat actors seem to be hunting   
   for IoT devices with factory or weak credentials, and actively scanning for   
   exposed Telnet and SSH ports, with compromised devices including webcams,   
   Network Video Recorders (NVR), and similar.   
      
   Exceptional size    
      
   At the same time, The Shadowserver Foundation analyzed the spread of the   
   malware, and found that the majority of compromised endpoints are located in   
   the United States, United Kingdom, Mexico, Canada, and Australia.    
      
   Botnets are most commonly used for Distributed Denial-of-Service (DDoS)   
   attacks, where infected devices overwhelm a target server, causing   
   disruptions.    
      
   They are also used for sending massive spam campaigns, distributing phishing   
   emails or malware while avoiding detection. Cybercriminals leverage botnets   
   for credential stuffing and brute-force attacks, trying to break into    
   accounts using stolen credentials.    
      
   Another frequent use is click fraud, where infected machines generate fake ad   
   clicks to inflate revenue. Botnets also enable cryptojacking, secretly mining   
   cryptocurrency on victims devices, slowing them down and increasing   
   electricity costs. Additionally, they are used for data theft and espionage,   
   stealing login credentials, financial data, or trade secrets.    
      
    Via BleepingComputer   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/another-huge-new-botnet-is-infecting-th   
   ousands-of-webcams-and-video-recorders-for-ddos-attacks   
      
   $$   
   --- SBBSecho 3.20-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/305 153/7715 154/110 218/700 226/30   
   SEEN-BY: 227/114 229/110 111 114 206 300 307 317 400 426 428 470 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 3634/12 5075/35   
   PATH: 2320/105 229/426