Malware operators used this particular attack scenario in China, where they bribed employees of an authorized gaming company to embed samples of their malware in the source code of one of the company's many mobile apps.
Known as Mumblehard, the botnet was the product of highly skilled developers. It used a custom "packer" to conceal the Perl-based source code that made it run, a backdoor that gave attackers persistent access, and a mail daemon that was able to send large volumes of spam. Command servers that coordinated the compromised machines' operations could also send messages to Spamhaus requesting the delisting of any Mumblehard-based IP addresses that sneaked into the real-time composite blocking list, or CBL, maintained by the anti-spam service.
The database of the Philippine Commission on Elections (COMELEC) has been breached and the personal information of 55 million voters potentially exposed in what could rank as the worst ever government data breach anywhere.
The problem lies with how a widely used modem, the Arris Surfboard SB6141, handles authentication and cross-site requests.
Arris (formerly Motorola) said that it has sold more than 135 million of the Surfboard SB6141 modems, but an Arris spokesperson disputed the figure, saying it was "not an accurate representation" of the units impacted and that only a "subset" of Surfboard devices were affected.
Millions of Comcast, Time Warner Cable, and Charter customers (and more) were shipped one of these modems when they first subscribed.
On Friday, WordPress announced that it is bringing free HTTPS to all -- "million-plus" -- custom domains, essentially ramping up security on every blog and website. The publishing platform says it partnered with the Let's Encrypt project to implement HTTPS across such a large number of sites.