SecurityScorecard Discovers new botnet, ‘Zhadnost,’ responsible for Ukraine DDoS attacks
ID: f39b014a-3004-528b-9cd9-f5eed5bbf193
STIX ID: report--f39b014a-3004-528b-9cd9-f5eed5bbf193
Feed Name: SecurityScorecard Blog
Threat Score
SecurityScorecard analyzed three DDoS incidents against Ukrainian government and banking websites in February 2022, identified a 3,000+ IP botnet dubbed “Zhadnost” composed mainly of MikroTik routers with DNS recursion enabled (used for DNS amplification) and some HTTP flooding, assessed limited operational impact but moderate-confidence attribution to Russia or Russian-aligned actors, and provided mitigation guidance and IoC contact information.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.