Botnet on HackingPassion.com : root@HackingPassion.com-[~]

Google Leaked the Chrome Bug That Turns Your Browser Into a Botnet

Sun, 07 Jun 2026 13:36:33 +0200

A single visit to one website can quietly turn your browser into part of a botnet, and the working code to do it is now still sitting out in the open.

It affects Chrome, Microsoft Edge, Brave, Opera, Vivaldi, and almost every browser built on Chromium. Someone flagged it to Google back in 2022. Google sat on it for almost four years, and then leaked the exploit code itself, by accident, on its own bug tracker.

Your Home Devices Are Being Turned Into Proxies for the AI Industry

Sat, 06 Jun 2026 16:51:31 +0200

Your phone, your TV, your router, anything in your home with an internet connection can be put to work crawling the web for the AI industry, and nothing on the device says it is happening. Some of that traffic is harmless scraping. Some of it is not, and it leaves under your IP address either way, so it traces back to you. It’s called a residential proxy.

I came across it through the smart TV story this morning. Researchers had taken apart the software inside some free smart TV apps and found it quietly turns the television into a relay, using the home connection to pull web pages for a data company that resells that access to the AI industry. One question stuck with me. What if it does not stop at one device. So I went digging, and it does not stop there, not by a long way.

How Botnets Hide in Plain Sight: Tor, I2P, and the C2 Networks You Can't See

Sun, 24 May 2026 11:30:46 +0200

The command server is a botnet’s one real weak point. Take it down and the bots go quiet. Operators figured this out early and built their infrastructure to survive exactly that.

This article covers how they do it. How botnets hide their command infrastructure inside Tor and I2P, how they scan for new victims without exposing themselves, and what to look for to detect it. Technical and step by step.

Kimwolf Botnet: 2 Million Android TV Boxes Hacked via Proxy App Vulnerability

Sun, 04 Jan 2026 15:28:00 +0100

A botnet just fired 1.7 billion DDoS commands in 72 hours. Attack capacity: nearly 30 Terabits per second. 2 million Android TV boxes sitting in living rooms across 222 countries and regions. And now we know how the attackers built it so fast. 🧐

The attackers didn’t send phishing emails. They didn’t trick anyone into downloading malware. They just bought access to a proxy service and walked right into home networks.

RondoDox Botnet: 56 Exploits, Gaming Traffic Disguise, and Self-Defense Against Recovery

Thu, 01 Jan 2026 15:17:00 +0100

RondoDox added React2Shell to its arsenal. 90,000+ servers. 56 vulnerabilities. 30+ vendors. They call it the “exploit-shotgun” approach. Fire everything, see what hits. 😱

Once inside, RondoDox doesn’t just sit there. It launches DDoS attacks. Mines Monero. Turns infected devices into proxies to hide other attacks. And it breaks the tools needed to fight back.

The botnet has been running for 9 months. Three distinct phases. March to April 2025 was reconnaissance. April to June was daily probing of WordPress, Drupal, Struts2, and IoT devices. July onward became hourly automated attacks at scale.

Your Router Just Failed: ASUS & TP-Link Critical Vulnerabilities (CVE-2025-59367)

Sun, 16 Nov 2025 13:11:54 +0100

Your router protects your home network from the internet. Or it’s supposed to. Two major vendors just proved it doesn’t. 😅

ASUS: CVE-2025-59367 (CVSS 9.3) TP-Link: CVE-2025-7850 + CVE-2025-7851 (CVSS 9.3 + 8.7)

Both disclosed November 2025. Both critical. Both letting attackers walk right in.

ASUS routers: No password required.

The vulnerability affects ASUS DSL-AC51, DSL-N16, and DSL-AC750 routers. Authentication bypass.

If your router’s management interface is exposed to the internet, an attacker can connect remotely without any credentials. No username. No password. Direct admin access.