Threat Insight: Fortiguard Labs Reports New Zerobot DDOS Botnet
Kaseya Threat Management has been monitoring for threat intel and developments relating to DDoS threats since the beginning of the Russia/Ukraine conflict. Fortinet FortiGuard Labs published an informative write-up on a new botnet ‘ZeroBot’ that was first seen November 18, 2022, and is being distributed primarily through IoT vulnerabilities at this time. The bot is seeing rapid development and self-propagates and contains command and control capabilities. MSPs should compare intelligence on CVEs that are being used for exploitation against their hardware and software asset inventories to assure that deployed assets being targeted are operating with the most up-to-date patches. MSPs should also leverage infection indicators to search their managed environments for potential infections.
UPDATE: Microsoft Threat Intelligence has published a quality write-up that we recommend.
-Kaseya Threat Management Team