Security News > 2022 > December > New Zerobot malware has 21 exploits for BIG-IP, Zyxel, D-Link devices
A new Go-based malware named 'Zerobot' has been spotted in mid-November using exploits for almost two dozen vulnerabilities in a variety of devices that include F5 BIG-IP, Zyxel firewalls, Totolink and D-Link routers, and Hikvision cameras.
The purpose of the malware is to add compromised devices to a distributed denial-of-service botnet to launch powerful attacks against specified targets.
Zerobot can scan the network and self-propagate to adjacent devices as well as run commands on Windows or Linux.
Security researchers at Fortinet discovered Zerobot and say that since November a new version has emerged with additional modules and exploits for new flaw, indicating that the malware is under active development.
Zerobot incorporates exploits for 21 vulnerabilities and uses them to gain access to the device.
Fortinet says that since Zerobot first appeared on November 18 its developer has improved it with string obfuscation, a copy file module, a self-propagation module, and several new exploits.
News URL
Related news
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
- DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features (source)