WatchDog: the New Botnet that Affects Windows and Linux Servers

There are many security threats that can put our devices at risk. It does not matter if we are talking about a mobile phone, computer, server … Any computer connected to the network could be attacked. In this article we report on a new botnet, WatchDog , which has been discovered and puts Linux and Windows servers in check. We will explain what it is and how it can affect security.


WatchDog, the new botnet that affects Windows and Linux servers

This new botnet called WatchDog has been discovered by Palo Alto Networks. It uses exploits to control the servers and get to mine cryptocurrencies. In recent times we have seen a boom in the price of digital currencies. This has caused hackers to renew their interest in these types of attacks.

Cryptocurrency mining botnets have grown in recent times. WatchDog is just another example. Cybercriminals use these types of strategies for financial gain.

Specifically, it has been discovered by Unit42 , a security division of Palo Alto Networks. However, it is not something really new, since they have discovered that it has been active since 2019. However, it is now that it has started to attack for real.

Security researchers have indicated that it is written in the Go programming language. They have detected attacks on Linux and Windows servers. Therefore, we are facing a botnet capable of mining cryptocurrencies in different operating systems. It is important to detect if a system is a botnet.

Botnet HEH

Obsolete applications, the way to get into systems

There are many security threats that are based on vulnerabilities or outdated software that can be exploited. It is undoubtedly one of the most important entry points for this type of attack. Hence the importance of always making sure that the equipment is updated and correcting all kinds of problems that may exist.

In total, according to Unit42, those responsible for the botnet used 33 different exploits to attack a total of 32 vulnerabilities in software such as Drupal, Apache Hadoop, Redis, Elasticsearch, Oracle WebLogic and others.

This Palo Alto Networks team analyzed the WatchDog malware binaries and estimated the size of the botnet to be around 500-1000 infected systems. They estimate the earnings at tens of thousands of dollars, as they believe they have managed to mine at least 209 Monero cryptocurrencies.

On the bright side, especially when compared to other similar botnets, WatchDog has not stolen user credentials . However, the researchers indicate that it is not something to be ruled out and that future updates could include this important novelty.

Security researchers themselves indicate that the best security barrier is to keep systems and devices up to date at all times. As we can see, there are many vulnerabilities that could be present. It is essential that we always have the latest patches and can correct all kinds of problems that could be exploited by hackers.

In short, WatchDog is a new botnet detected, although it has been in operation for a couple of years now, which is capable of attacking Windows and Linux servers. This means that we must keep the systems updated correctly.