Security News > 2020 > April > Mootbot Botnet Targets Fiber Routers with Dual Zero-Days
2020-04-20 20:51
The Mootbot botnet has been using a pair of zero-day exploits to compromise multiple types of fiber routers.
According to researchers at NetLab 360, the operators of the Mootbot botnet in late February started to exploit a zero-day bug found in nine different types of fiber routers used to provide internet access and Wi-Fi to homes and businesses.
A day after that, on March 19, the firm saw attacks in the wild using the PoC to attempt to spread the Gafgyt botnet.
A few days later, the botnet had adopted the PoC as part of a worming attempt to move from router to router.
Moobot is a new botnet family based on Mirai botnet, which targets internet of things devices.
News URL
https://threatpost.com/mootbot-fiber-routers-zero-days/154962/
Related news
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- 13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks (source)