Security News > 2022 > December > New Zerobot malware has 21 exploits for BIG-IP, Zyxel, D-Link devices
A new Go-based malware named 'Zerobot' has been spotted in mid-November using exploits for almost two dozen vulnerabilities in a variety of devices that include F5 BIG-IP, Zyxel firewalls, Totolink and D-Link routers, and Hikvision cameras.
The purpose of the malware is to add compromised devices to a distributed denial-of-service botnet to launch powerful attacks against specified targets.
Zerobot can scan the network and self-propagate to adjacent devices as well as run commands on Windows or Linux.
Security researchers at Fortinet discovered Zerobot and say that since November a new version has emerged with additional modules and exploits for new flaw, indicating that the malware is under active development.
Zerobot incorporates exploits for 21 vulnerabilities and uses them to gain access to the device.
Fortinet says that since Zerobot first appeared on November 18 its developer has improved it with string obfuscation, a copy file module, a self-propagation module, and several new exploits.
News URL
Related news
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- macOS HM Surf vuln might already be under exploit by major malware family (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims (source)
- Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Helldown ransomware exploits Zyxel VPN flaw to breach networks (source)