Qrator Labs discovered new data mining botnet
Qrator Labs has summed up the results of the fourth quarter of 2021 and discovered a new data mining botnet with 160,097 devices. This is almost three times more than in the third quarter, and more than in any other quarter of 2021.
Interestingly, this botnet was not used at all for organizing DDoS attacks, but for data mining by one of the retail companies.
The company also notes a record number of unique BGP incidents related to traffic interception: during November, 17,798 autonomous systems generated BGP hijacks, which accounted for 16.3% of the total number of autonomous systems in the world.
Another BGP “record” was set by the number of BGP route leaks per maand. Dus, Desember 2021 showed a record number of route leaks – more than 10,000,000. This is almost twice as many as in the first two months of the fourth quarter.
The total route leaks in the fourth quarter are more than twice as high as in the third quarter – 19,852,504 in the fourth quarter versus 7,589,347 in the third.
According to Qrator Labs statistics, education and e-commerce were the most attacked industries in the fourth quarter, with a significant lead. The growth in the number of attacks on these segments was 12.29% en 10.21%, respectively. Payment systems are in third place with 9.75%. Banks, which accounted for a fantastic 22.28% of all DDoS attacks last quarter, were only targeted 5% of the time in the fourth quarter.
Ook, almost every quarter, the company detects a shift in the distribution of attack vectors. Dus, in the fourth quarter of 2021, the top three most popular DDoS attack vectors included:
- UDP flood from 33.75%;
- SYN flood from 22.71%;
- And IP flood from 20.21%.
Let me remind you that we also wrote that Pink botnet was infected over 1.5 miljoen toestelle, and also that the Chinese authorities have arrested the authors of the Mozi botnet.