
New malware could target millions of routers and IoT gadgets through 30 exploits

Many years ago, malware known as Mirai was used to corral millions of security cameras and internet of things (IoT) devices into a botnet.

That botnet was then used to launch attacks against a range of companies, and now a similar sort of malware has surfaced.

The malware was discovered by AT&T Alien Labs and has been dubbed BotenaGo. It was written in the open-source programming language Golang, whose use in malware has reportedly increased by 2 000 percent.

What is incredibly concerning about this malware is that it is able to leverage more than 30 exploits against its targets.

“Some AVs detect these new malware variants using Go as Mirai malware — the payload links do look similar. However, there is a difference between the Mirai malware and the new malware variants using Go, including differences in the language in which it is written and the malware architectures,” writes Ofer Caspi, security researcher at AT&T Alien Labs.

The researcher goes on to say that BotenaGo only targets vulnerable systems, but it isn’t yet clear how it operates, as the sample shows a few oddities.

One of these is that BotenaGo doesn’t actively communicate with a command and control server. While the malware is capable of communicating with a server, at present it doesn’t appear to be doing so. Because of this, AT&T’s security team theorises that BotenaGo is either part of a larger malware suite or an evolution of Mirai. The final theory is that BotenaGo is still in a beta phase and was leaked accidentally.

The threat landscape for this malware is incredibly concerning. According to AT&T Alien Labs, as many as 1.9 million IoT devices could be at risk of attack. In addition, almost 250 000 broadband routers could be at risk of an attack.

The researchers at the AT&T lab have listed a number of indicators of compromise as well as the exploits that can be used by BotenaGo.

Recommended actions include ensuring software is up to date and minimising the exposure of Linux servers and IoT devices to the internet. This equipment should sit behind a properly configured firewall, and IT teams should monitor network traffic and outbound port scans for unreasonable bandwidth usage.

[Image – CC 0 Pixabay]
