Security News > 2020 > April > Dark_Nexus Botnet Compromises Thousands of ASUS, D-Link Routers
The botnet, called dark nexus, uses processes similar to previous dangerous IoT threats like the Qbot banking malware and Mirai botnet.
Dark nexus also borrows code and processes previously used by Qbot and the infamous Mirai botnet that launched the 2016 Dyn DDos attack.
Beyond these similarities researchers point to the dark nexus component lineup as a sign that the botnet it paving its own way.
The botnet also uses a unique technique meant to ensure "Supremacy" on the compromised device, researchers said: "Uniquely, dark nexus uses a scoring system based on weights and thresholds to assess which processes might pose a risk," they said.
Helios, a known botnet author who sells DDoS services and botnet code, as a possible creator of dark nexus.
News URL
https://threatpost.com/dark_nexus-botnet-asus-dlink-routers/154571/