SOHO Router
Microsoft: Chinese hackers use Quad7 botnet to steal credentials
Microsoft warns that Chinese threat actors use the Quad7 botnet, composed of hacked SOHO routers, to steal credentials in password-spray attacks. Quad7, also known as CovertNetwork-1658 or xlogin, is a botnet first discovered by security researcher Gi7w0rm that consists of compromised SOHO routers. Later reports by Sekoia and Team Cymru said that the threat actors are targeting routers and networking devices from TP-Link, ASUS, Ruckus wireless […]
Chinese botnet infects 260,000 SOHO routers, IP cameras with malware
The FBI and cybersecurity researchers have disrupted a massive Chinese botnet called “Raptor Train” that infected over 260,000 networking devices to target critical infrastructure in the US and in other countries. The botnet has been used to target entities in the military, government, higher education, telecommunications, defense industrial base (DIB), and IT sectors, mainly in […]
Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs
The Chinese state-backed hacking group Volt Typhoon is behind attacks that exploited a zero-day flaw in Versa Director to upload a custom webshell to steal credentials and breach corporate networks. Versa Director is a management platform ISPs and MSPs use to manage virtual WAN connections created using SD-WAN services. The vulnerability is tracked as CVE-2024-39717 […]