Roboto Botnet

Roboto Botnet Description

Malware researchers have spotted the activity of a botnet called Roboto Botnet. The activities of this botnet were first spotted in the summer of 2019. The Roboto Botnet appears to be targeting Linux servers and gathers the compromised targets to create a wide-reaching botnet that can be used for various operations. Experts have reported that there is a total of 215,000 Linux servers that are using the Webmin application approximately. This application appears to be the infection vector utilized by the operators of the Roboto Botnet. However, it must be noted that the updated versions of the Webmin software suite are not vulnerable, and the attackers can only exploit outdated variants of the application. Despite the Roboto Botnet’s activity dating back to the summer of 2019, its operators have started mass-expanding it only recently. This is why malware researcher’s interest was drawn instantly.

Uses the Peer-to-Peer Technique

The operators of the Roboto Botnet may be using it to execute DDoS (Distributed-Denial-of-Service) attacks mainly. These attacks are carried out using a few different vectors – HTTP, ICMP, UDP and TCP. So far, the operators of the Roboto Botnet have not used the botnet for DDoS attacks, which leads malware experts to believe that at the moment, their efforts are concentrated into expanding the size of the botnet. The operators of the Roboto Botnet have made sure that the compromised servers use a peer-to-peer technique instead of contacting the control server of the authors constantly. The infected servers are scanning the Internet looking for other servers that are running an outdated version of the mentioned Webmin application previously.

The Roboto Botnet also packs a backdoor module. This means that the operators can grab files, gather details about the compromised host, plant additional malware, run shell and Linux commands. This means that the operators of the Roboto Botnet have far greater power than simply launching DDoS attacks against their targets.

The Roboto Botnet operators are working hard on expanding their botnet, and we cannot be sure what their plans are for the future.

How Can You Detect Malware?

Download SpyHunter's Detection Scanner
to Detect Malware.
* SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.