A malware author has built a huge botnet comprised of over 18,000 routers in the span of only one day.
The mystery of the recent surge in port 8000 scan activity has been solved today by security researches from Qihoo 360 Netlab, who tracked this week's mystery traffic to an old foe âthe Satori IoT botnet.
The operators of the Satori botnet are mass-scanning the Internet for exposed Ethereum mining rigs, according to three sources in the infosec community who've observed the malicious behavior âSANS ISC, Qihoo 360 Netlab, and GreyNoise Intelligence.
A new variant of the Satori botnet has sprung back to life, and this one is hacking into Claymore mining rigs and replacing the device owner's mining credentials with the attacker's own.
Security researchers are raising the alarm in regards to a new botnet named Satori that has been seen active on over 280,000 different IPs in the past 12 hours.