A recent Necro Python bot campaign showed that the developer behind the malware is working hard to improve its capabilities.
On Thursday, Cisco Talos researchers released a report on Necro Python, a bot that has been in development since 2015. The botnet’s development progress was documented in January 2021 by both Check Point Research (CPR) and Netlab 360, separately as FreakOut and Nekro.
The developer behind the Necro Python bot made a number of changes to increase the bot’s performance and versatility, including exploits for over 10 different web applications and the SMB protocol used as a weapon in the bot’s recent campaigns. Exploits are included for vulnerabilities in software such as VMWare vSphere, SCO OpenServer and Vesta Control Panel.
A version of the botnet released on May 18 also contains exploits for EternalBlue …