The most recent version of the Fodcha DDoS botnet has ransom requests embedded into packets and can avoid detection. Fodcha, which was first identified in April 2022, has developed into a serious menace. Delivering ransom demands directly inside DDoS packets used to attack victims’ networks is the only significant improvement.
Additionally, the botnet now uses encryption when speaking with the C2 server. Security researchers will therefore have a harder time analysing and eliminating the infection. With 60,000 active bot nodes every day, the botnet depends on 42 C2 domains to generate up to 1Tbps of harmful traffic. Read More…