Security News > 2023 > February > New Mirai malware variant infects Linux devices to build DDoS botnet
A new Mirai botnet variant tracked as 'V3G4' targets 13 vulnerabilities in Linux-based servers and IoT devices to use in DDoS attacks.
The malware spreads by brute-forcing weak or default telnet/SSH credentials and exploiting hardcoded flaws to perform remote code execution on the target devices.
Once a device is breached, the malware infects the device and recruits it into its botnet swarm.
The botnet also attempts to terminate a set of processes from a hardcoded list, which includes other competing botnet malware families.
Finally, compromised devices are issued DDoS commands directly from the C2, including TCP, UDP, SYN, and HTTP flooding methods.
As always, the best way to protect your devices from Mirai-like infections is to change the default password and install the latest security updates.
News URL
Related news
- Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year (source)
- Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers (source)
- New Mirai botnet behind surge in TVT DVR exploitation (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT (source)
- Watch out for any Linux malware sneakily evading syscall-watching antivirus (source)
- Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack (source)
- Linux wiper malware hidden in malicious Go modules on GitHub (source)
- Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet (source)