Security News TheMoon malware infects 6,000 ASUS routers in 72 hours for proxy service

vtqhtr413

vtqhtr413

Level 27
Thread author
Well-known
Aug 17, 2017
1,609
Content source
https://www.bleepingcomputer.com/news/security/themoon-malware-infects-6-000-asus-routers-in-72-hours-for-proxy-service/
A new variant of "TheMoon" malware botnet has been spotted infecting thousands of outdated small office and home office (SOHO) routers and IoT devices in 88 countries.

TheMoon is linked to the "Faceless" proxy service, which uses some of the infected devices as proxies to route traffic for cybercriminals who wish to anonymize their malicious activities.

Black Lotus Labs researchers monitoring the latest TheMoon campaign, which started in early March 2024, have observed 6,000 ASUS routers being targeted in under 72 hours.

The threat analysts report that malware operations such as the IcedID and SolarMarker currently use the proxy botnet to obfuscate their online activity.
Click to expand...
www.bleepingcomputer.com

TheMoon malware infects 6,000 ASUS routers in 72 hours for proxy service

A new variant of "TheMoon" malware botnet has been spotted infecting thousands of outdated small office and home office (SOHO) routers and IoT devices in 88 countries.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
Reactions: Victor M, Andy Ful, harlan4096 and 3 others
F

ForgottenSeer 109138

  • Like
  • Hundred Points
  • Thanks
Reactions: Victor M, harlan4096, vtqhtr413 and 1 other person
oldschool

oldschool

Level 84
Verified
Top Poster
Well-known
Mar 29, 2018
7,595
  • Like
Reactions: Andy Ful, ForgottenSeer 109138, Jonny Quest and 1 other person
Jonny Quest

Jonny Quest

Level 21
Verified
Top Poster
Well-known
Mar 2, 2023
1,089
Thanks @vtqhtr413 for posting this timely thread, as I just bought a new Asus router on Amazon yesterday and that was one of the things I considered, if it was still a new enough model to be supported with firmware updates, which it is. Thanks also for the affirming follow-up replies, Practical Response and oldschool :)
 
  • Like
  • Thanks
Reactions: oldschool, vtqhtr413 and ForgottenSeer 109138

Similar threads

Victor M
    • Like
    • Wow
Security News NSA found Massive BotNet of routers, firewalls, NAS and IoT operated by PRC
Replies
2
Views
1,610
Security News
Victor M
Victor M
CyberTech
    • Like
Malware News New proxy malware targets Mac users through pirated software
Replies
0
Views
1,276
Security News
CyberTech
CyberTech
Gandalf_The_Grey
    • Like
    • +Reputation
Malware News The Pumpkin Eclipse - over 600,000 routers were taken offline
Replies
1
Views
2,042
Security News
Marko :)
Marko :)

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top