Millions of Routers and IoT Devices Vulnerable to Malware Code Uploaded to GitHub

Vlad CONSTANTINESCU

January 27, 2022


The source code of a dangerous strain of malware that encompasses more than 30 exploits for various routers and IoT devices has recently surfaced on GitHub, placing millions of devices at risk.

Security experts say that releasing the code on GitHub could lead to an increase in cyberattacks, as threat actors could easily use it in their own attack campaigns or create new malware strains based on it.

AT&T Alien Labs first spotted the malware, called BotenaGo, last November. The malware, written in Google’s Golang (Go) open-source programming language, can help attackers execute remote shell commands on compromised systems.

BotenaGo hosts more than 30 vulnerability exploits for vendors such as D-Link, Netgear, Linksys and Tenda. The malware receives commands for targeting victims in two different ways, an Alien Labs analysis shows.

In the first scenario, the malware creates two backdoor ports and listens on them to receive the target’s IP address. In the second, it deploys a listener on the system I/O input and uses it to receive target information.

At the time of discovery, researchers pointed out that, although the malware could receive commands remotely, it lacked a command and control (C&C) infrastructure. However, things seem to have changed, as one new BotenaGo variant is designed to use a C&C server, according to an Alien Labs report.

Reportedly, BotenaGo’s payload links were similar to those used by Mirai botnet malware operators, which led researchers to believe that Mirai threat actors use BotenaGo to target known, vulnerable devices.

Despite its light frame (only 2,981 lines of code), the newly discovered malware packs a serious punch, considering that it hosts more than 30 vulnerability exploits for routers and IoT devices. These include, but are not limited to:

Last but not least, the malware also has a low detection rate; at the time of the discovery, only three of 60 antivirus engines were reportedly able to detect new BotenaGo samples.
