GlassWorm Botnet Disrupted


The GlassWorm botnet, which has been targeting the open source software ecosystem for over six months, has been disrupted, cybersecurity firm CrowdStrike reports.

Together with Google and the Shadowserver Foundation, CrowdStrike took down GlassWorm’s four command-and-control (C&C) channels simultaneously, preventing access to the infected machines and the delivery of fresh payloads.

The malware has been using the Solana blockchain for C&C infrastructure, with Google Calendar, the BitTorrent peer-to-peer network, and traditional servers hosted on commercial VPS providers serving as backup C&Cs.

GlassWorm’s operators have been encoding C&C addresses in the memo fields of blockchain transactions, which cannot be modified or deleted.

The BitTorrent network was used to store configuration data against hardcoded public keys, Google Calendar was used to store Base64-encoded C&C paths in event titles, and the traditional C&C servers were used to host payloads.
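For defenders, the Base64-in-event-title technique described above suggests a simple hunt over exported free-text fields. The following is an added example, not code from the article or from CrowdStrike: the function names, the decoded "shapes" it looks for, and the sample strings are all assumptions made for illustration.

```python
import base64
import binascii
import re

# Standard Base64 alphabet only; with the length check below, 12+ characters.
B64_RE = re.compile(r"^[A-Za-z0-9+/]{10,}={0,2}$")
# Decoded shapes worth an analyst's look (assumed for illustration, not from the article).
SHAPES = (
    ("url", re.compile(r"^https?://[\w.-]+(:\d+)?(/\S*)?$")),
    ("host", re.compile(r"^(\d{1,3}\.){3}\d{1,3}(:\d+)?(/\S*)?$")),
    ("path", re.compile(r"^/[\w./%?=&-]{3,}$")),
)

def decode_candidate(text):
    """Return decoded text if `text` is strict Base64 of printable ASCII, else None."""
    text = text.strip()
    if len(text) % 4 or not B64_RE.match(text):
        return None
    try:
        raw = base64.b64decode(text, validate=True)
    except (binascii.Error, ValueError):
        return None
    # Ordinary words often parse as Base64 but decode to binary junk; drop those.
    if not raw or any(b < 0x20 or b > 0x7E for b in raw):
        return None
    return raw.decode("ascii")

def classify(decoded):
    """Name the first address-like shape the decoded text matches, or None."""
    return next((kind for kind, rx in SHAPES if rx.match(decoded)), None)

def triage(fields):
    """Return (field, decoded, kind) for every field hiding an address-like value."""
    hits = []
    for field in fields:
        decoded = decode_candidate(field)
        kind = classify(decoded) if decoded else None
        if kind:
            hits.append((field, decoded, kind))
    return hits

# Constructed sample of event titles; not real GlassWorm data.
SAMPLE = ["Quarterly planning sync", "TeamLunchFriday1"] + [
    base64.b64encode(s).decode()
    for s in (b"hello world!", b"/api/v2/config", b"http://c2.example.invalid/p")]

if __name__ == "__main__":
    for field, decoded, kind in triage(SAMPLE):
        print(f"{kind:5} {field} -> {decoded}")
```

Hits are leads for review rather than verdicts, since benign tooling can also place Base64 in titles.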

“The combination of blockchain, peer-to-peer, and legitimate web services as resolution layers was...

Copyright of this story solely belongs to securityweek.com.
