Skip to content

Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale

Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale
New research reveals SecShow, a Chinese actor using DNS probes to measure responses from open resolvers.

Table of Contents

Cybersecurity researchers have discovered a Chinese actor known as SecShow conducting Domain Name System (DNS) probing on a global scale. The actor operates from the China Education and Research Network (CERNET), funded by the Chinese government. The purpose of the SecShow operations is unknown, but it is suspected that the information gathered could be used for malicious activities. Additionally, a financially motivated threat actor has been found advertising a new botnet service called Rebirth to facilitate DDoS attacks, primarily targeting the video gaming community. The Rebirth malware supports functionality to launch DDoS attacks over TCP and UDP protocols. This is not the first time game servers have been targeted by DDoS botnets, as there have been previous instances of botnets targeting game servers. The Telegram channel associated with Rebirth has been erased, with a message posted on May 30, 2024, saying "Soon we back [sic]."

Source

Latest