Security News > 2023 > February > New Mirai malware variant infects Linux devices to build DDoS botnet
A new Mirai botnet variant tracked as 'V3G4' targets 13 vulnerabilities in Linux-based servers and IoT devices to use in DDoS attacks.
The malware spreads by brute-forcing weak or default telnet/SSH credentials and exploiting hardcoded flaws to perform remote code execution on the target devices.
Once a device is breached, the malware infects the device and recruits it into its botnet swarm.
The botnet also attempts to terminate a set of processes from a hardcoded list, which includes other competing botnet malware families.
Finally, compromised devices are issued DDoS commands directly from the C2, including TCP, UDP, SYN, and HTTP flooding methods.
As always, the best way to protect your devices from Mirai-like infections is to change the default password and install the latest security updates.
News URL
Related news
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus (source)
- AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services (source)
- Volt Typhoon rebuilds malware botnet following FBI disruption (source)
- Chinese hackers target Linux with new WolfsBane malware (source)
- Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign (source)
- Researchers discover first UEFI bootkit malware for Linux (source)
- BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (source)
- New stealthy Pumakit Linux rootkit malware spotted in the wild (source)
- Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms (source)