Botnet CatDDoS Shows Active Signs, Hackers Use Multiple Vulnerabilities for Attacks

TapTechNews June 1st. A security company, Qi An Xin, has recently released a report claiming that the botnet CatDDoS has shown a large number of active signs in the past three months. The related hackers are said to have used over 80 known vulnerabilities to attack network devices of various manufacturers. It is said that more than 300 devices were affected in a day at the peak of the attack.

TapTechNews has learned that the types of vulnerabilities exploited by the hackers are very extensive, affecting cloud service providers and educational and academic institutions in countries and regions such as the United States, China, France, Germany, Brazil, etc., mainly targeting network devices of manufacturers such as Cisco, Huawei, Netgear, Realtek, Seagate, Tenda, TP-Link, and ZTE.

It is reported that the CatDDoS botnet is a derivative variant of the previously reported by TapTechNews Mirai. The related virus first appeared in August last year, stopped its activity briefly in December, but now it comes back again, and at the same time, more variants have been added.

It is worth noting that the security company report said that the hackers used a large number of undetermined zero-day vulnerabilities for the attack. In addition to the network devices of the manufacturers, many platforms are said to have also suffered from the related hackers' attacks recently, involving servers such as GitLab, Jenkins, Metabase, Log4j, and RocketMQ.