GoBruteforcer Botnet: A new wave of attacks has started again, and has been targeting cryptocurrency and blockchain projects. There mode of attack is very simple, used a small and re-usable password. In case of their targets about cryptocurrency focused, they used
(cryptouser, appcrypto, crypto_app, and crypto, or cryptouser1 or crypto_user1234) (are you one of those who deployed projects using this password?)
They also made advances of their brute force and go thru TRON blockchain addresses and queries balances using the tronscanapi[.]com service to identify accounts with non-zero funds. This indicates a concerted effort to target blockchain projects, with a TRON balance scanner and TRON and BSC “token-sweep” utilities.
https://research.checkpoint.com/2026/inside-gobruteforcer-ai-generated-server-defaults-weak-passwords-and-crypto-focused-campaigns/So I guess the lessons here is not to use or re-use crypto password that can easily be brute or guess. Create a strong password with at least 12 characters long. Combinations of uppercase letters, lowercase letters, numbers, and symbols. And practice safe security hygiene so that you won't be the next victim by this attacks.
