DDoS attacks targeting Discord

5 August 2024 2 minutes Author: Newsman

Aqua Nautilus researchers discovered an attack by a cyber group called “Panamorfi” that uses a DDoS package for Minecraft – mineping – through misconfigured Jupyter notebooks.

The attackers gained initial access to the open source Jupyter notebook environment through a malicious file downloaded via the wget command. This file contained two jar files that were used to perform DDoS attacks on Minecraft servers.

The attack began by gaining access to the Jupyter notebook honeypot using a command that downloaded a zip file with malicious content. The main conn.jar file connected to Discord to manage the attack, while the mineping.jar file performed a TCP Flood DDoS attack against the Minecraft servers. The attacker used Discord to report the results of the attacks.

Research revealed that an attacker with the alias ‘yawixooo’ was active on GitHub and had a Minecraft server configuration and an HTML page under development. Aqua Security used its runtime protection solution to detect and block this attack. This made it possible to detect malicious activity and block the execution of malicious code in real time.

This attack highlights the importance of properly configuring data development environments such as Jupyter notebooks and the need to use runtime security solutions to prevent malicious attacks.

Other related articles
News
Read more
Rhysida ransomware attack on Columbus, Ohio. Over 6.5 TB of sensitive data stolen
The city of Columbus, Ohio was hit by the Rhysida ransomware attack, in which more than 6.5 TB of sensitive data was stolen, including databases, passwords and employee information. The stolen data is being auctioned for 30 bitcoins (approximately $1.9 million). The city administration quickly identified the threat and took measures to limit its influence. The mayor emphasized the importance of restoring city services and conducting a thorough investigation.
348
Found an error?
If you find an error, take a screenshot and send it to the bot.