Sekoia

Sep 15, 2024

Sekoia uncovered the evolution of the Quad7 botnet, which now targets new SOHO devices and uses stealthier tactics to evade detection. The botnet has compromised various routers and VPN appliances by exploiting vulnerabilities, some of which were previously unknown. The Quad7 operators have refined their methods, moving from open SOCKS proxies to the KCP protocol over UDP for communication to further conceal their activities. Although no data compromise has been directly reported, the botnet's capacity for distributed brute-force attacks presents significant risks, including potential unauthorized access to Microsoft 365 accounts and control over infected devices, which could lead to data breaches or other serious security incidents in the future.

Source: https://securityaffairs.com/168250/malware/quad7-botnet-evolves.html

"id": "sek000091524",
"linkid": "sekoia",
"type": "Cyber Attack",
"date": "9/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
