0
Please log in or register to do it.

A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS), Microsoft 365, PayPal, Sendgrid, and Twilio.

“Key features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various SaaS accounts,” SentinelOne security researcher Alex Delamotte said in a report shared with The Hacker News.

FBot is the latest addition to the list of cloud hacking tools like AlienFox, GreenBot (aka Maintance), Legion, and Predator, the latter four of which share code-level overlaps with AndroxGh0st.

SentinelOne described FBot as “related but distinct from these families,” owing to the fact that it does not reference any source code from AndroxGh0st, although it exhibits similarities with Legion, which first came to light last year.

Threat Actors Increasingly Abusing GitHub for Malicious Purposes
Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

Your email address will not be published. Required fields are marked *