The Gorilla botnet attacked more than 100 countries, launching 300,000 DDoS attacks

8 October 2024 1 minute Author: Newsman

The new Gorilla Botnet (or GorillaBot) malware has launched more than 300,000 DDoS attacks in more than 100 countries around the world, hitting universities, government websites, telecommunications, banks and gaming platforms.

According to NSFOCUS, the Gorilla botnet, which uses the Mirai code, carried out attacks between September 4 and 27, 2024. The botnet issued more than 20,000 commands per day to carry out DDoS attacks. China, the USA, Canada and Germany were the most affected. The botnet used a variety of attack methods, including UDP flood and SYN flood, and had the ability to connect to five servers to receive commands.

Gorilla’s main feature was that it also exploited a vulnerability in Apache Hadoop’s YARN system for remote code execution, allowing long-term control of affected IoT devices.

The Gorilla botnet is based on leaked Mirai code, making it one of the malware’s many heirs. Mirai became known back in 2016 for its ability to hijack IoT devices and use them for large-scale attacks.

Other related articles

News

Scam involving 6,000 counterfeit iPhones lands two Maryland men in prison

Two Maryland residents have been sentenced to prison for a fraudulent scheme to defraud Apple Inc. that resulted in more than $2.5 million in losses.

298

News

A government hacking attack caused a data leak among 65,000 police officers in the Netherlands

Dutch police have reported a data leak allegedly carried out by government hackers. During the incident, the work contact details of 65,000 police officers were stolen.

312