
Ngioweb Botnet

Posted: November 9, 2020

The Ngioweb Botnet is a large-scale botnet campaign that malware researchers have observed closely since the payloads linked to the campaign were first identified at the beginning of 2019. What is interesting about this botnet is that its payload supports both Linux and Windows operating systems, which greatly expands the range of devices that this malware can target. However, the Linux version of the Ngioweb Botnet appears to have an appetite for Web servers running vulnerable versions of the WordPress platform: nearly all active Linux copies of the Ngioweb Botnet were identified on Web servers with WordPress installed.

Ngioweb Botnet's Operators may be Selling Proxy Services

Often, the authors of botnet projects exploit the enslaved network to execute Distributed-Denial-of-Service (DDoS) attacks or launch cryptocurrency mining operations. The Ngioweb Botnet, however, supports no such features. Instead, it operates as a 'proxy botnet' whose purpose is to redirect the traffic of infected computers through a proxy server that runs via the botnet's members. It is possible that the author of the Ngioweb Botnet is renting out the proxy servers to other cybercriminals, or is trying to spy on the traffic of users who have their network configured to use one of Ngioweb's proxies.

Protecting your network from the Ngioweb Botnet and similar threats requires multiple security measures such as installing anti-virus software, enhancing your firewall configuration, and making sure to update all software and Internet-connected services regularly.
