Security News > 2020 > March > New Mirai Variant ‘Mukashi’ Targets Zyxel NAS Devices

New Mirai Variant ‘Mukashi’ Targets Zyxel NAS Devices
2020-03-20 13:27

Another variant of the shape-shifting Mirai botnet is attacking Zyxel network-attached storage devices using a critical vulnerability that was only recently discovered, according to security researchers.

The variant, dubbed Mukashi, takes advantage of a pre-authentication command injection vulnerability found in Zyxel NAS storage devices, according to researchers at Palo Alto Networks' Unit 42 global threat intelligence team.

Mirai variants observed by researchers show a shift in focus in the last year to target hardware and processors, and the latest variant Mukashi bucks that trend.

Mukashi shares some characteristics with previous Mirai variants as well as the Mirai botnet from which it was spawned, Unit 42 researchers wrote.

Once executed, Mukashi prints the message "Protecting your device from further infections" to the console, after which it changes its process name to "Dvrhelper"-a name implies that implies Mukashi may also have inherited some of Mirai's functionality, they wrote.


News URL

https://threatpost.com/new-mirai-variant-mukashi-targets-zyxel-nas-devices/153982/?utm_source=rss&utm_medium=rss&utm_campaign=new-mirai-variant-mukashi-targets-zyxel-nas-devices

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Zyxel 382 0 82 95 51 228