Commercial virtual private servers, which have been compromised through vulnerability exploits, have accounted for nearly 80% of daily bots used by the SystemBC proxy botnet as a proxy highway, enabling infections that last longer than average, according to BleepingComputer.Attackers have leveraged easily exploitable flaws to infect the VPS systems, which then allowed high-volume traffic before downloading a shell script that orders SystemBC execution, a report from Lumen Technology's Black Lotus Labs revealed.Researchers also found that an IP address was able to produce 16 GB of proxy data following SystemBC malware execution in a simulated environment."This amount of data is an order of magnitude greater than what is commonly observed in typical proxy networks," researchers added.Further analysis revealed that over 80 command-and-control servers have been used by SystemBC to establish connections with a compromised proxy server while powering the other proxy network services, including REM Proxy.
Network Security
Virtual private servers targeted by SystemBC proxy botnet

(Adobe Stock)
An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



