
DDoS Attack Fueled by Over 30,000 Hacked CCTV Cameras and NVRs
A recent discovery by security experts from Nokia Deepfield and GreyNoise has revealed a botnet consisting of over 30,000 compromised security cameras and Network Video Recorders (NVRs). This botnet has been actively involved in launching Distributed Denial of Service (DDoS) attacks against critical telecom infrastructure and gaming websites.
A DDoS attack involves overwhelming a target server with massive amounts of fake web traffic, generated through compromised devices, thereby rendering the server inaccessible to legitimate users. These attacks are increasingly common and can cause significant disruptions, especially for online services that rely on consistent uptime.
GreyNoise researchers have identified the botnet, named Eleven11bot, which is being used to carry out brute-force attacks on login pages. In these attacks, weak or reused passwords are exploited, allowing cybercriminals to take control of vulnerable devices and use them for further malicious activities. An investigation of the IP addresses involved found that most of the compromised devices were CCTV cameras and NVRs, many of which were operating in Iran, a country that has recently been placed on a high-priority sanctions list by the incoming Donald Trump Administration.
Experts advise that regular updates to device firmware, frequent password changes, and disabling remote access on connected devices can significantly reduce the risk of such cybersecurity breaches and mitigate the potential for botnet-driven DDoS attacks.
Vodafone and IBM Partner to Develop Secure Net with Quantum-Safe Cryptography
Telecommunications giant Vodafone has partnered with IBM to introduce groundbreaking quantum-safe cryptography technology in their new Secure Net platform. This initiative is designed to provide enhanced security for customers' online activities, safeguarding them from potential quantum computing threats in the future.
The Secure Net system is equipped to protect users from common cybersecurity threats such as phishing, malware, and identity theft—all of which have been on the rise in recent years. Cybercriminals often use phishing tactics to lure victims into downloading malicious apps or visiting fake websites to steal sensitive information, including banking credentials and personal details.
Looking ahead, Vodafone plans to implement cutting-edge cryptographic algorithms by 2026 to further bolster their network security and defend against quantum threats. This strategic move aims to ensure that their customers enjoy a safe and secure online experience, free from the growing menace of cyberattacks.
Space Pirates Cyber Threat: A Rising APT Group Using LuckStrike Malware
A notorious group of cybercriminals, suspected of being linked to an Advanced Persistent Threat (APT) group known as Space Pirates, has been identified as the culprits behind the deployment of LuckStrike malware. This malware is being used to infiltrate both government and IT organizations, with the primary goal of stealing sensitive information.
Security experts suggest that the Space Pirates group has been active since 2017 and has evolved in sophistication over time. Their tactics include using Microsoft OneDrive as a Command and Control (C2) server, allowing them to efficiently conceal their operations and remain undetected. This method has made it difficult for authorities and cybersecurity experts to trace their activities.
The LuckStrike malware is particularly dangerous because it allows the attackers to bypass traditional security measures, making detection more challenging. Over the years, Space Pirates have successfully victimized more than 20 federal organizations, including government agencies and private entities, making them a significant threat in the cybersecurity landscape.