The operators of the Glupteba botnet resurfaced in June 2022 as part of a renewed and “upscaled” campaign, months after Google disrupted the malicious activity.
The ongoing attack is suggestive of the malware’s resilience in the face of takedowns, cybersecurity company Nozomi Networks said in a write-up. “In addition, there was a tenfold increase in TOR hidden services being used as C2 servers