GoBrut Botnet

GoBrut Botnet Description

Botnets are growing in number and managing to infect more and more computers making countless victims. Among these threats uncovered by malware researches recently, is an ELF-based botnet named the GoBrut Botnet, which is attacking computers running the Windows system, although the experts are not sure yet if the GoBrut Botnet attacks other operating systems currently. The way DoBrut Botnet infects a computer is very interesting. There's a malware called GoBrut, which is written in the Go programming language and has as its core a brute force module that uses technologies like MySQL and SSH CMS and to invade servers. As soon as the machine is infected, the host will be joined by the GoBrut botnet. Then, the host will brute force its way into the targeted machine, which was specified in the work solicitation that the botnet controller had sent to the CNC server.

The GoBrut Botnet has been working actively, and between the end of January 2019 and the present day, it has managed to infect around of 11,ooo hosts and was able to access almost 3,000 hosts in only 24 hours. The campaigns of the GoBrut attacks are very active and may be changed quickly, and the bot is informed about which are the campaigns being used currently and the technologies it needs to have as targets. Also, the GoBrut Botnet has been connected to the installation campaign of a JavaScript skimmer that has caused trouble to various Web portals around the world. The attacks perpetrated by the GoBrut Botnet are really threatening and may end up in a huge leak of sensitive data such as users user names and password or even worse.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.