New Mirai Botnet Variant Found Targeting ZyXEL Devices In Argentina - Tech Office - Latest Hacking News,IT Security News and Cyber Security

This Blog is protected by DMCA.com

Navigation

New Mirai Botnet Variant Found Targeting ZyXEL Devices In Argentina

While tracking botnet motion on their honeypot traffic, safety researchers at Chinese IT security firm Qihoo 360 Netlab discovered a new variant of Mirai—the well known IoT botnet malware that wreaked havoc last year. Newest, researchers discerned an improvement in traffic scanning ports 2323 and IP addresses from Argentina in shorter than a day.
New Mirai Botnet Variant Found Targeting ZyXEL Devices In Argentina
While tracking botnet motion on their honeypot traffic, safety researchers at Chinese IT security firm Qihoo 360 Netlab discovered a new variant of Mirai—the well known IoT botnet malware that wreaked havoc last year.

Newest, researchers discerned an improvement in traffic scanning ports 2323 and  IP addresses from Argentina in shorter than a day.

These targeted port scans are actively scanning for vulnerable internet-connected devices manufactured by ZyXEL Communications using two default telnet credential combinations admin/CentryL1nk and admin/QwestM0dem—to gain root privileges on the targeted devices.

Researchers continue aforementioned permanent battle is part of a new Mirai variant that has been upgraded to exploit a newly released vulnerability (identified as CVE-2016-10401) in ZyXEL PK5001Z modems.

"ZyXEL PK5001Z devices have zyad5001 as the su (superuser) password, which makes it easier for remote attackers to obtain root access if a non-root ac password is known the vulnerability description reads.
Mirai is the equivalent IoT botnet malware that hit better Internet companies offline last year by launching massive DDoS attacks against Dyndns, crippling some of the world's biggest websites, including Twitter, Netflix, Amazon, Slack, and Spotify.
iot-botnet

Mirai-based attacks encountered sudden appearance after someone openly released its source code in October 2016. Currently, there are several variants of the Mirai botnet attacking IoT devices.

The special warning of having the source code of any malware in public is that it could allow attackers to upgrade it with newly disclosed exploits according to their needs and targets.
"For an attacker that finds a new IoT vulnerability, it would be easy to incorporate it into the already existing Mirai code, thus releasing a new variant," Dima Beckerman, security researcher at Imperva, told The Hacker News.
"Mirai spread it self using default IoT devices credentials. The newly  variant adds many devices to this list. But, we can’t know for sure what other changes were implemented into the code. In the future, we might witness some new attack methods by Mirai variants."

That is not the very first time when the Mirai botnet targeted internet-connected devices manufactured by ZyXEL. Specifically a year ago, millions of Zyxel routers were found vulnerable to a critical remote code execution flaw, which was exploited by Mirai.

Secure Your (Easily Hackable) Internet-Connected Devices


1. Change Default Passwords for your connected devices: If you own any internet-connected device at home or work, change its default credentials. Hold in mind; Mirai malware scans for default settings.

2. Disable Remote Management through Telnet: Go into your router’s settings and disable remote management protocol, specifically through Telnet, as this is a protocol used to allow one computer to control another from a remote location. It should be also used in previous Mirai attacks.

3. Check Software Updates: Last but not the least—always keep your internet-connected devices and routers up-to-date with the latest firmware updates and patches
Share

Osman

Osman Gani is the Chief Seo Expert and the Founder of ‘Tech Office’. He has a very deep interest in all current affairs topics whatsoever. Well, he is the power of our team and he lives in India. who loves to be a self-dependent person. As an author, I am trying my best to improve this platform day by day. His passion, dedication and quick decision-making ability make him stand apart from others.

Post A Comment:

1 comments: