The Quad7 botnet expands its targets to include Zyxel VPN appliances, Ruckus wireless routers, and Axentra media servers, alongside previously targeted TP-Link and ASUS routers.
Recent reports by Sekoia and researcher Gi7w0rm detail its evolution, highlighting new malware, staging servers, botnet clusters, backdoors, and a shift from SOCKS proxies for stealthier operations.
Despite cybersecurity scrutiny, Quad7 persists, potentially aiming for distributed brute-force attacks on VPNs, Telnet, SSH, and Microsoft 365 accounts.
Read more...