AT&T reveals malware targeting millions of routers, IoT devices2021-11-12 19:11 by Daniela
Tags: AT&T, malware, IoT
Newly surfaced malware that is difficult to detect and written in Google's open-source programming language has the potential to exploit millions of routers and IoT devices, researchers have found. Discovered by researchers at AT&T AlienLabs, BotenaGo can exploit more than 30 different vulnerabilities to attack a target, Ofer Caspi, a security researcher at Alien Labs, wrote in a blog post published Thursday.
Unfortunately, the number of antivirus solutions that can defend against the malware - at least at time of writing - is much lower. AT&T Alien Labs says that just six of the 62 vendors used by the malware-scanning VirusTotal platform identified BotenaGo as malware when it was discovered.
BotenaGo, creates a backdoor and waits to either receive a target to attack from a remote operator through port 19412 or from another related module running on the same machine. Since the links to the payload were like those of the Mirai malware, some scanners recognize the malware as a variant of it. Researchers noted that the new malware only look for vulnerable systems to spread its payload.
"In addition, Mirai uses an "XOR table" to hold its strings and other data, as well as to decrypt them when needed - this is not the case for the new malware using Go. For this reason, Alien Labs believes this threat is new, and we have named it BotenaGo," said researchers.
Read more -here-