top of page
Clipeus

Ddostf Malware Campaign

According to an AhnLab Security Emergency Response Center report, threat actors have been conducting a wide-scale reconnaissance for publicly-accessible MySQL instances using port 3306, and subsequently attempting intrusion via common misconfigurations - i.e. weak credentials - or poor maintenance - i.e. exploitation of known vulnerabilities. Then the attackers deployed the Ddostf DDoS bot malware turning the impacted system into a "zombie" for DDoS attacks.

If you are interested in specifics or additional insights on the threats above or any other threat, please visit our dedicated service page or reach out to info@clipeusintelligence.com with your inquiry. We would be glad to assist you

bottom of page