New Mirai malware variant infects Linux devices to build DDoS botnet (Security News, February 2023)
A new Mirai botnet variant tracked as 'V3G4' targets 13 vulnerabilities in Linux-based servers and IoT devices in order to use those devices in DDoS attacks.
The malware spreads by brute-forcing weak or default telnet/SSH credentials and by exploiting the vulnerabilities hardcoded into it to perform remote code execution on the target devices.
Once a device is breached, the malware infects the device and recruits it into its botnet swarm.
The botnet also attempts to terminate a set of processes from a hardcoded list, which includes other competing botnet malware families.
Finally, compromised devices are issued DDoS commands directly from the C2, including TCP, UDP, SYN, and HTTP flooding methods.
As always, the best way to protect your devices from Mirai-like infections is to change the default password and install the latest security updates.