Updates By D4IoT Research / Section 52
Microsoft Defender for IoT’s research group (Section 52) has recently published two new articles on cross-platform malware affecting IoT devices and released dozens of associated detections and alerts in the January 2023 Defender for IoT Threat Intelligence package update.
Researchers uncovered a Distributed Denial of Service (DDoS) botnet called MCCrash that is downloaded through Windows cracking software and spreads over SSH to infect Windows, Linux and IoT devices. MCCrash launches a DDoS attack on private Minecraft servers. In addition, the research group released findings on an updated version of the Zerobot cross-platform malware, sharing new indicators of compromise, attack methods, exploits, and capabilities, which include an expansion into Apache vulnerabilities.
Customers who use other Microsoft security products will also benefit from enhanced detection capabilities for threats related to the malware on a range of their devices, from endpoint to desktop. These reports, including additional context, are also available as Threat Analytics in D365.