Cybercriminals return to using the Phorpiex botnet to spread ransomware

In a new report, threat researchers at Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies, reported a new outbreak of infections through the Phorpiex botnet . About 4% of organizations worldwide were affected, just over 8% in Brazil alone, according to the Global Threat Index for November 2020.

Also read: Managed LAN Service

The last time Phorpiex appeared on Check Point's top malware list was in June of this year. The Phorpiex botnet was first reported in 2010 and, at its peak, controlled more than a million infected hosts. Known for distributing other malware families through spam, as well as promoting large-scale "sextortion" spam and cryptomineration campaigns, Phorpiex has again distributed the Avaddon ransomware, as Check Point researchers originally reported earlier this year.

Avaddon is a relatively new variant of Ransomware-as-a-Service (RaaS) , and its operators have again recruited affiliates to distribute the ransomware offering a share of the profits. Avaddon was distributed via JS and Excel files as part of malspam campaigns and is capable of encrypting a wide variety of file types.

"Phorpiex is one of the oldest and most persistent botnets, and has been used by its creators for many years to distribute other malware transmission loads, such as GandCrab and Avaddon ransomware, or for 'sextortion' scams. This new wave of infections , which continues today, is spreading another ransomware campaign, which shows how effective a Phorpiex tool is, "says Maya Horowitz, Director of Intelligence and Threat Research and Products at Check Point.

The IT Support Engineer is responsible for taking offer application and technical support to the users. They have to respond and resolve the support requests and service tickets.


  • No Comment Yet
Please login first for post a comment