The Broadband Guide
search advanced

AT&T reveals malware targeting millions of routers, IoT devices

2021-11-12 19:11 by
Tags: , ,


Newly surfaced malware that is difficult to detect and written in Google's open-source programming language has the potential to exploit millions of routers and IoT devices, researchers have found. Discovered by researchers at AT&T AlienLabs, BotenaGo can exploit more than 30 different vulnerabilities to attack a target, Ofer Caspi, a security researcher at Alien Labs, wrote in a blog post published Thursday.

Unfortunately, the number of antivirus solutions that can defend against the malware - at least at time of writing - is much lower. AT&T Alien Labs says that just six of the 62 vendors used by the malware-scanning VirusTotal platform identified BotenaGo as malware when it was discovered.

BotenaGo, creates a backdoor and waits to either receive a target to attack from a remote operator through port 19412 or from another related module running on the same machine. Since the links to the payload were like those of the Mirai malware, some scanners recognize the malware as a variant of it. Researchers noted that the new malware only look for vulnerable systems to spread its payload.

"In addition, Mirai uses an "XOR table" to hold its strings and other data, as well as to decrypt them when needed - this is not the case for the new malware using Go. For this reason, Alien Labs believes this threat is new, and we have named it BotenaGo," said researchers.

Read more -here-


  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About