Security News > 2021 > April > Gafgyt Botnet Lifts DDoS Tricks from Mirai
Several variants of the Gafgyt Linux-based botnet malware family have incorporated code from the infamous Mirai botnet, researchers have discovered.
Gafgyt is a botnet that was first uncovered in 2014.
Mirai variants and its code re-use have become more voluminous since the source code for the IoT botnet was released in October 2016.
The latest versions of Gafgyt contain new approaches for achieving initial compromise of IoT devices, Uptycs found; this is the first step in turning infected devices into bots to later perform DDoS attacks on specifically targeted IP addresses.
Researchers in March discovered what they said is the first variant of the Gafgyt botnet family to cloak its activity using the Tor network.
Mirai hasn't disappeared either: a new variant of the botnet was recently discovered targeting a slew of vulnerabilities in unpatched D-Link, Netgear and SonicWall devices.
News URL
https://threatpost.com/gafgyt-botnet-ddos-mirai/165424/
Related news
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign (source)
- Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords (source)
- Juniper warns of Mirai botnet targeting Session Smart routers (source)
- Juniper warns of Mirai botnet scanning for Session Smart routers (source)