Diicot expands tactics with Cayosin Botnet, from crypto-jacking to DDoS attacks


Cybersecurity researchers have uncovered new information about the Romanian threat actor Diicot, revealing its potential for launching distributed denial-of-service (DDoS) attacks.

Diicot, also known as Mexals, was initially discovered in July 2021 and was linked to a cryptojacking campaign. Recent analysis shows that Diicot is now using an off-the-shelf botnet agent called Cayosin, indicating its capability for DDoS attacks.

The group also engages in activities such as doxxing and utilizes Discord for command-and-control and data exfiltration. Diicot’s tactics involve exploiting SSH servers with weak credentials and deploying additional malware.

To protect against these attacks, organizations are advised to implement SSH hardening and firewall rules.
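
As an added example (not from the original article or the researchers it cites), here is one concrete SSH hardening check: a script that audits the global section of an `sshd_config` for settings that leave a server open to password guessing. It relies on sshd using the first value it reads for each keyword; the defaults table assumes upstream OpenSSH defaults, and both sample configs are constructed.

```python
# Added example: audit sshd_config text for settings that permit password guessing.
# Assumption: upstream OpenSSH defaults; distribution builds may ship different ones.
DEFAULTS = {
    "passwordauthentication": "yes",
    "permitrootlogin": "prohibit-password",
    "permitemptypasswords": "no",
}

def effective_global(config_text):
    """Return the effective global value of each audited keyword."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)  # "Key value" or "Key=value"
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip().strip('"').lower()
        if key == "match":
            break  # conditional blocks are out of scope for this global audit
        seen.setdefault(key, value)  # sshd keeps the first value obtained per keyword
    return {k: seen.get(k, default) for k, default in DEFAULTS.items()}

def audit(config_text):
    """Return (keyword, reason) pairs for settings that expose password logins."""
    eff = effective_global(config_text)
    findings = []
    if eff["passwordauthentication"] == "yes":
        findings.append(("PasswordAuthentication", "password logins accepted; require keys"))
    if eff["permitrootlogin"] == "yes":
        findings.append(("PermitRootLogin", "root may log in with a password"))
    if eff["permitemptypasswords"] == "yes":
        findings.append(("PermitEmptyPasswords", "accounts with empty passwords may log in"))
    return findings

# Constructed sample: the appended "no" is ignored because the earlier "yes" wins.
WEAK = "PermitRootLogin yes\nPasswordAuthentication yes\nPasswordAuthentication no\n"
# Constructed sample: key-only logins, root restricted to keys.
HARDENED = "PasswordAuthentication no\nPermitRootLogin prohibit-password\n"

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(text))
```

On a live host, `sshd -T` prints the configuration the daemon will actually apply, including included files and compiled-in defaults.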
