Communications of the ACM
BotenaGo Botnet Targets Millions of IoT Devices with 33 Exploits
BotenaGo was written in Golang (Go), which has been exploding in popularity in recent years, with malware authors loving it for making payloads that are harder to detect and reverse engineer.
Credit: bleepingcomputer.com
AT&T researchers found the BotenaGo malware botnet uses 33 exploits to attack millions of routers, modems, network attached storage, and Internet of Things devices.
Once installed, the malware listens on two ports, waiting for an IP address to be sent to it, after which it exploits each vulnerability on that IP address to obtain access.
BotenaGo then executes remote shell commands to recruit the device into the botnet.
The researchers were unable to retrieve any payloads on the hosting server for analysis, nor could they find an active C2 communication between BotenaGo and an actor-controlled server.
The researchers believe BotenaGo is only one part of a multi-stage modular malware attack.
They note that a sample from its early development stage was leaked accidentally into the wild and that the malware is not yet operational.
From BleepingComputer
View Full Article
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA
No entries found