Botnets are typically used for one of these purposes: mining cryptocurrency, sending spam, advertising fraud, or engaging in distributed denial of service (DDoS) activities, because the creators of Simps Botnet have chosen to use code and libraries from two of the most popular botnet projects of recent years: Mirai and Gafgyt. It is entirely dedicated to executing DDoS attacks, and its operators are likely renting it to other hackers.
Surprisingly, the authors of Simps Botnet are very bold when it comes to promoting the project: They have set up a Discord server dedicated to communicating with potential customers and have uploaded several YouTube videos demonstrating the Simps Botnet.
Users whose devices have been compromised by Simps Botnet may not notice anything out of the ordinary, as this implant is not intended to affect device performance or stability. The only downside you may notice is that your network bandwidth will occasionally increase when the botnet is conducting a DDoS attack.
To protect their devices from Simps Botnet and similar threats, users must protect all Internet connected devices with a good password. Also:
▸Periodically monitor suspicious processes, events, and network traffic generated by running any untrusted binaries / scripts.
▸Always be careful when running shell scripts from unknown or untrusted sources.
▸Keep systems and firmware up to date with the latest versions and patches.
Thanks to certain messages from the Discord server, Uptycs attributed the activity to the Keksec group which is a prolific group of threats known for exploiting vulnerabilities to invade multiple architectures with polymorphic tools. You constantly increase your arsenal; In January, the FreakOut Linux botnet malware was deployed, which performs port scanning, information gathering, and network and data packet detection, along with DDoS and crypto mining.
And it is that the authors of Simps Botnet are very bold when it comes to promoting the project: they have set up a Discord server dedicated to communicating with potential customers and have uploaded several YouTube videos that demonstrate the Simps Botnet.
See Also:
Gafgyt is a botnet that uses Mirai DDoS modules
Botnets using Tor, A threat exploited by criminals
[…] also:Simps Botnet, a threat that executes DDoS attacksSYN Flood variant of DDoS […]
[…] also:Simps Botnet, a threat that executes DDoS attacksBotnets using Tor, A threat exploited by […]