BleepingComputer reports that intrusions involving known security flaws and brute force tactics have been deployed by Romanian threat operation RUBYCARP for at least a decade, with the group currently operating a botnet with more than 600 breached servers.
Article Link: Long-running RUBYCARP botnet operation examined | SC Media