Cybersecurity researchers have unearthed new samples of malware called RapperBot that are being used to build a botnet capable of launching Distributed Denial of Service (DDoS) attacks against game servers.
“In fact, it turns out that this campaign is less like RapperBot than an older campaign that appeared in February and then mysteriously disappeared in the middle of April,” Fortinet FortiGuard Labs researchers Joie Salvio and Roy Tay said in a Tuesday report.
RapperBot, which was first documented by the network security firm in August 2022, is known to exclusively brute-force SSH servers configured to accept password authentication.
The nascent malware is heavily inspired by the Mirai botnet, whose source code leaked in October 2016, leading to the rise of several variants.
What’s notable about the updated version of RapperBot is its ability to perform Telnet brute-force, in addition to supporting DoS attacks using the Generic Routing Encapsulation (GRE) tunnelling protocol as well as UDP floods targeting game servers running Grand Theft Auto: San Andreas.
images from Hacker News