Phorpiex botnet

The Phorpiex Botnet, initially a worm spreading through removable and network drives, gained notoriety for using the IRC protocol, known as Trik. This malicious network is infamous for its wide range of cyber activities, including massive spam campaigns, crypto-jacking, ransomware distribution, and cryptocurrency theft.

After a period of inactivity in its command and control servers, Phorpiex resurfaced with a new bot named "Twizt," allowing it to operate independently in a peer-to-peer mode. It evades detection by checking for virtual or debugging environments, terminating itself if found. Without such environments, it ensures persistence on compromised systems and infects drives, while also connecting to malicious servers to download more malware and disabling security features.

In 2021, Phorpiex was detected in 96 countries, notably using cryptocurrency theft methods. Protecting your organization from this threat is crucial. Implementing a Security Information and Event Management (SIEM) solution can provide real-time threat prevention against known and emerging threats, bolstering network and endpoint security to defend against the Phorpiex Botnet and similar dangers. Watch the video to learn more—three minutes is all it takes!


Get the latest content delivered
right to your inbox!

Thank you for subscribing.

You will receive regular updates on the latest news on cybersecurity.

  • Please enter a business email id
    By clicking on Keep me Updated you agree to processing of personal data according to the Privacy Policy.

Expert Talks


© 2021 Zoho Corporation Pvt. Ltd. All rights reserved.