Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Phorpiex botnet shuts down and authors put source code for sale

Crooks behind the Phorpiex botnet have shut down their operations and put the source code for sale on the dark web. The criminal organization behind the Phorpiex botnet have shut down their operations and put the source code of the bot for sale on a cybercrime forum in on a dark web. The news was […]

Phorpiex botnet

Crooks behind the Phorpiex botnet have shut down their operations and put the source code for sale on the dark web.

The criminal organization behind the Phorpiex botnet have shut down their operations and put the source code of the bot for sale on a cybercrime forum in on a dark web.

The news was reported by The Record after that experts from security firm Cyjax noticed an ad posted by a crook that was involved in the botnet’s operation in the past.

The decision to sell the source code comes from the consideration that the two original authors of the malware have left the operations.

“As I no longer work and my friend has left the biz, I’m here to offer Trik (name from coder) / Phorpiex (name for AV firms) source for sell [sic],” the individual said today in a forum post spotted by British security firm Cyjax.” reads the ad published The Record.

The main bot and all modules are written in C++, authors claim that the bot nor modules trigger any firewall / UAC prompts.

The Record, with the help of CheckPoint malware researcher Alexey Bukhteyev, confirmed that the ad is valid.

The researchers confirmed that the source code of the bot hasn’t been sold before

Bukhteyev pointed out that even if the C&C servers for the botnet are down, who will buy the code we will be able to set up new ones and take control over the previously infected systems.

At the time of this writing, it is not clear how many infected machines are still active.Bot works fine on 32 and 64 bit

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Phorpiex botnet)

[adrotate banner=”5″]

[adrotate banner=”13″]