EnemyBot (Malware Family)

EnemyBot

According to the Infosec Institute, EnemyBot is a dangerous IoT botnet that has made headlines in the last few weeks. This threat, which seems to be disseminated by the Keksec group, expanded its features by adding recent vulnerabilities discovered in 2022. It was designed to attack web servers, Android devices and content management systems (CMS) servers.

References

2022-09-06 ⋅ AT&T ⋅ Ofer Caspi
Shikitega - New stealthy malware targeting Linux
BotenaGo EnemyBot Meterpreter Monero Miner

2022-05-26 ⋅ AT&T Cybersecurity ⋅ Ofer Caspi
Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices
EnemyBot

2022-04-12 ⋅ Fortinet ⋅ Joie Salvio, Roy Tay
Enemybot: A Look into Keksec's Latest DDoS Botnet
EnemyBot Keksec

2022-03-15 ⋅ Securonix ⋅ Den Iyzvyk, Oleg Kolesnikov, T. Peck, Tim Peck
Detecting EnemyBot – Securonix Initial Coverage Advisory
EnemyBot

2022-03-01 ⋅ Securonix ⋅ Securonix Threat Labs
Detecting the EnemyBot Botnet – Securonix Initial Coverage Advisory
EnemyBot

There is no Yara-Signature yet.

EnemyBot Propose Change

References

EnemyBot