Lax Security Fuels Massive 8220 Gang Botnet Army Surge

Published: 23/11/2024   Category: security


The threat group 8220 Gang's cryptocurrency miner and botnet reach has exploded to 30,000 global hosts, a notable increase over the past month, researchers say.



Leveraging little more than Linux bugs, common cloud application vulnerabilities, and misconfigurations, the 8220 Gang has been able to use its latest IRC botnet to infect more than 30,000 hosts with their PwnRig cryptominer.
Researchers with SentinelOne reported observing this noteworthy increase in the number of infected hosts over the course of just the past month. In mid-2021, the analysts said the malicious botnet was running on just 2,000 hosts worldwide.
The 8220 Gang gets its name from its original command-and-control communications port choice: 8220.
"Over the past few years, 8220 Gang has slowly evolved their simple, yet effective, Linux infection scripts to expand a botnet and illicit cryptocurrency miner," the cloud botnet security warning explained. "From our observations, the group has made changes over the recent weeks to expand the botnet to nearly 30,000 victims globally."
Patching and better password hygiene would prevent most infections, researchers noted.
The report includes indicators of compromise (IoCs).
