Security News > 2020 > March > Mukashi: A New Mirai IoT Botnet Variant Targeting Zyxel NAS Devices

Mukashi: A New Mirai IoT Botnet Variant Targeting Zyxel NAS Devices
2020-03-21 01:45

A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage devices in an attempt to remotely infect and control vulnerable machines.

Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall products to take control of the devices and add them to a network of infected bots that can be used to carry out Distributed Denial of Service attacks.

Multiple Zyxel NAS products running firmware versions up to 5.21 are vulnerable to the compromise, Palo Alto Networks' Unit 42 global threat intelligence team said, adding they uncovered the first such exploitation of the flaw in the wild on March 12.

Mukashi Targets Zyxel NAS Devices Just like other Mirai variants, Mukashi operates by scanning the Internet for vulnerable IoT devices like routers, NAS devices, security cameras, and digital video recorders, looking for potential hosts that are protected only by factory-default credentials or commonly-used passwords to co-opt them into the botnet.

It's recommended that all Zyxel consumers download the firmware update to protect devices from Mukashi hijacks.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/HrG2O-6pj04/zyxel-mukashi-mirai-iot-botnet.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Zyxel 485 3 120 77 45 245