From en.secnews.gr
A highly sophisticated botnet is believed to have infected hundreds of thousands of websites by attacking content management platform (CMS) platforms.
Named KashmirBlack, the botnet started operating in November 2019.
Imperva security researchers – who analyzed the botnet last week – said that the primary purpose of the botnet seems to be to infect websites and then use their servers for cryptocurrency mining, redirecting a site’s traffic to spam pages and to a lesser extent the appearance of “web defacements”.
Imperva said the botnet started small, but after months of continuous development, it has grown into an advanced behemoth capable of attacking thousands of websites a day.