Security News > 2020 > April > Mootbot Botnet Targets Fiber Routers with Dual Zero-Days
2020-04-20 20:51
The Mootbot botnet has been using a pair of zero-day exploits to compromise multiple types of fiber routers.
According to researchers at NetLab 360, the operators of the Mootbot botnet in late February started to exploit a zero-day bug found in nine different types of fiber routers used to provide internet access and Wi-Fi to homes and businesses.
A day after that, on March 19, the firm saw attacks in the wild using the PoC to attempt to spread the Gafgyt botnet.
A few days later, the botnet had adopted the PoC as part of a worming attempt to move from router to router.
Moobot is a new botnet family based on Mirai botnet, which targets internet of things devices.
News URL
https://threatpost.com/mootbot-fiber-routers-zero-days/154962/
Related news
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Japan warns of IO-Data zero-day router flaws exploited in attacks (source)
- Juniper warns of Mirai botnet targeting Session Smart routers (source)
- Juniper warns of Mirai botnet scanning for Session Smart routers (source)
- New botnet exploits vulnerabilities in NVRs, TP-Link routers (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)