ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service

Darktrace researchers have uncovered ShadowV2, a new botnet that operates as a DDoS-for-hire service by infecting misconfigured Docker containers on AWS cloud servers.

Cybersecurity researchers at Darktrace have identified a new botnet called ShadowV2 is structured as a DDoS-for-hire service, offering attackers an easy way to launch large-scale attacks on demand.

This means anyone can rent access to its network to launch a distributed denial-of-service (DDoS) attack, making it easier for attackers to generate massive traffic surges similar to those seen in record-breaking incidents across the internet.

ShadowV2 doesn’t go after typical home computers; it infects misconfigured Docker containers on Amazon Web Services (AWS) cloud servers. Docker is a technology that lets developers package and run applications in isolated environments called containers. These containers are a modern way to build and run software, but if they’re not set up correctly, they can be exploited by cybercriminals.

The Attack ...