Security News > 2020 > October > ALERT! Hackers targeting IoT devices with a new P2P botnet malware

Cybersecurity researchers have taken the wraps off a new botnet hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining.
The researchers said the HEH botnet samples discovered so far support a wide variety of CPU architectures, including x86(32/64), ARM(32/64), MIPS(MIPS32/MIPS-III), and PowerPC. The botnet, despite being in its early stages of development, comes with three functional modules: a propagation module, a local HTTP service module, and a P2P module.
The second phase commences with the HEH sample starting an HTTP server that displays the Universal Declaration of Human Rights in eight different languages and subsequently initializing a P2P module that keeps track of the infected peers and allows the attacker to run arbitrary shell commands, including the ability to wipe all data from the compromised device by triggering a self-destruct command.
"The operating mechanism of this botnet is not yet mature, [and] some important functions such as the attack module have not yet been implemented," the researchers concluded.
"With that being said, the new and developing P2P structure, the multiple CPU architecture support, the embedded self-destruction feature, all make this botnet potentially dangerous."
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/RPRZ_0DUWlE/p2p-iot-botnet.html
Related news
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns (source)
- Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT (source)
- Chinese hackers target Russian govt with upgraded RAT malware (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign (source)
- North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures (source)