"Netlab researchers, who are usually among the first to discover emerging botnets, said the botnet contains several clues to suggest this is the work of the same group which developed the Moobot botnet in 2019 and the LeetHozer botnet in 2020.
Both botnets were essentially built and used for launching DDoS attacks, which also appears to be Matryosh's primary function, as well.
The Netlab team says they found functions in the code specific to features that will use infected devices to launch DDoS attacks via protocols like TCP, UDP, and ICMP."
"A new botnet is actively targeting IoT devices using payloads compiled for a dozen CPU architectures and uses them to launch several types of DDoS and to spread various types of malware.
The Dark Nexus botnet, as it was named by the Bitdefender researchers who discovered it, has gone through a very fast development process since it was initially spotted."
"DDoS attacks are also becoming more common. Brian Krebs, an independent security researcher, observed earlier this month that the "source code" to the Mirai botnet had been released by a hacker group, "virtually guaranteeing that the internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices""
""It's accelerating because there's a wide-open, unprotected landscape that people can go to," says Chris Carlson, vice president of product management at Qualys. "It's a gold rush to capture these devices for botnets.""
"Researchers at Incapsula have discovered a botnet that runs on compromised CCTV cameras. There are hundreds of millions, if not billions, of these in the field, and like many Internet of Things devices, their security is an afterthought and not fit for purpose."
"The significance of the attack on Krebs is that it looks as though many of the attacks on him came from large numbers of enslaved devices - routers, cameras, networked TVs and the like. "Someone has a botnet with capabilities we haven't seen before," says Martin McKeay, Akamai's senior security expert. The DDoS arms race has just moved up a gear."
"This person or group, who go by the names BestBuy and Popopret, recently spammed an ad to folks on Jabber, an instant messaging service. They offered to perform a distributed denial of service (DDoS) attack on whomever their client(s) wanted, and they backed up their offer by claiming to wield the ability to perform some of the strongest DDoS attacks ever seen. Recent events in the history of the internet show us that these kinds of attacks - if these hackers indeed have the power they claim - can wreak internet havoc by blocking user access to a range of some of the web's most popular destinations."
"Studies generally suggest that, year after year, less than 60 percent of web traffic is human; some years, according to some researchers, a healthy majority of it is bot. For a period of time in 2013, the Times reported this year, a full half of YouTube traffic was "bots masquerading as people," a portion so high that employees feared an inflection point after which YouTube's systems for detecting fraudulent traffic would begin to regard bot traffic as real and human traffic as fake. They called this hypothetical event "the Inversion.""
"According to Folding@Home, the organisation that runs the distributed computing effort, the combined power of the network broke 1,000,000,000,000,000,000 operations per second - or one "exaflop" - on 25 March."