Sep 12, 10:10 AM

Quad7 Botnet Expands Targeting SOHO Routers, VPN Appliances; Selenium Grid Hit by Cryptomining

The Quad7 botnet operation is expanding its targeting and infrastructure, now focusing on SOHO routers and VPN appliances. The operators have unveiled new moves with advanced HTTP reverse shells. Additionally, hackers are exploiting Selenium Grid servers to deploy cryptomining and proxyjacking scripts. Researchers from Cado Security discovered two campaigns targeting these servers due to their default no-auth settings, making them prime targets for such attacks. The campaigns were reported by The Hacker News and darkreading.

#Quad7 #HTTP #Selenium Grid #Cado Security #The Hacker News

Written with ChatGPT (GPT-4o).

Sources

The Hacker News@TheHackersNews
1 year ago
🔥 Selenium Grid Targeted for Crypto Mining! Default no-auth settings make it a prime target for attackers injecting crypto miners and proxyjacking scripts. Learn more: https://t.co/whNNJG2mAk Lock it down now!
Nicolas Krassas@Dinosn
1 year ago
Hackers Proxyjack & Cryptomine Selenium Grid Servers https://t.co/uPyjxAoDzC
Infosec Alevski 💻🕵️‍♂️@Alevskey
1 year ago
Top 3 Threat Report Insights for Q2 2024: https://t.co/32cvp8dPhS by The Hacker News #infosec #cybersecurity #technology #news

Quad7 Botnet Expands Targeting SOHO Routers, VPN Appliances; Selenium Grid Hit by Cryptomining

Sources

Additional media

Similar Stories