Black Basta hackers unveil VPN brute-force tool BRUTED

Black Basta hackers have revealed a new tool called BRUTED, used since 2023 for brute-force attacks on VPNs and firewalls. This tool automates credential stuffing and targets various devices, including SonicWall and Cisco. Cybersecurity researchers discovered BRUTED through leaked chat logs. The tool identifies potential victims by analyzing subdomains and IP addresses, then attempts to log in using a list of credentials and generated guesses. BRUTED employs SOCKS5 proxies to avoid detection, with its infrastructure reportedly based in Russia. Businesses are advised to use strong passwords and multi-factor authentication to protect against such attacks.