Dark_Nexus Botnet Compromises Thousands of ASUS, D-Link Routers

2020-04-08 18:46

The botnet, called dark nexus, uses processes similar to previous dangerous IoT threats like the Qbot banking malware and Mirai botnet.

Dark nexus also borrows code and processes previously used by Qbot and the infamous Mirai botnet that launched the 2016 Dyn DDos attack.

Beyond these similarities researchers point to the dark nexus component lineup as a sign that the botnet it paving its own way.

The botnet also uses a unique technique meant to ensure "Supremacy" on the compromised device, researchers said: "Uniquely, dark nexus uses a scoring system based on weights and thresholds to assess which processes might pose a risk," they said.

Helios, a known botnet author who sells DDoS services and botnet code, as a possible creator of dark nexus.

News URL

https://threatpost.com/dark_nexus-botnet-asus-dlink-routers/154571/

#asus #botnet #compromise #dlink #router

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Asus		553	19	116	94	33	262
D Link		113	1	33	30	39	103

News URL

Related news

Related vendor