Security News > 2023 > February > New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices
A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices.
"Once the vulnerable devices are compromised, they will be fully controlled by attackers and become a part of the botnet," Unit 42 researchers said.
"The threat actor has the capability to utilize those devices to conduct further attacks, such as distributed denial-of-service attacks."
The attacks primarily single out exposed servers and networking devices running Linux, with the adversary weaponizing as many as 13 flaws that could lead to remote code execution.
V3G4 further packs a set of default or weak login credentials that it uses to carry out brute-force attacks through Telnet/SSH and proliferate to other machines.
To stave off such attacks, it's recommended that users apply necessary patches and updates as and when they become applicable, and secure the devices with strong passwords.
News URL
https://thehackernews.com/2023/02/new-mirai-botnet-variant-v3g4.html
Related news
- IoT Devices in Password-Spraying Botnet (source)
- AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices (source)
- Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign (source)
- Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms (source)
- Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords (source)
- Juniper warns of Mirai botnet targeting Session Smart routers (source)
- Juniper warns of Mirai botnet scanning for Session Smart routers (source)