BotenaGo: a mysterious malware intrigues researchers

Security researchers have detected a new form of IoT malware that uses more than 30 different computer vulnerabilities.

Detailed by cybersecurity researchers at AT&T Alien Labs, BotenaGo malware can use various methods to attack targets and then create a backdoor on compromised devices. “Implemented with more than 30 exploits, it has the potential to target millions of routers and connected objects,” the researchers said.

Some antivirus suites detect the malware as a variant of Mirai, a known malware that overwhelmed large sections of the Internet with DDoS attacks in 2016. While the payload appears similar, it is actually significantly different because it is written in Go programming. idiom.

Go has gained popularity among developers in recent years and is also becoming increasingly popular with malware writers.

BotenaGo scans the Internet for vulnerable targets. Analysis of the code reveals that the attacker has a real-time global infection counter, which tells him how many devices are compromised at any given time.

Attackers can exploit vulnerabilities in Internet-connected devices and can remotely execute shell commands. This feature could potentially be used as a gateway to the compromised device’s network, if not properly protected.

Attackers also have the option to use this option to distribute malicious payloads, but when the researchers analyzed BotenaGo, these had apparently been removed from the attackers’ hosted servers, so it was not possible to analyze them.

One malware, many possibilities

BotenaGo could potentially compromise millions of devices that are exposed to the vulnerabilities described by the researchers, but the malware still does not appear to communicate with a command-and-control server.

According to the researchers, there are three possibilities. First, BotenaGo could be a module of a larger malware suite that is not being used in attacks at the moment. It is also possible that it is connected to Mirai and used to target specific machines. Finally, the researchers also suggest that BotenaGo is still in development and that a beta version was accidentally released early, so it’s not doing much yet.

Even if it is idle, the large number of vulnerabilities that BotenaGo can exploit means that millions of devices are potentially vulnerable.

To protect against this threat and other malware, it is recommended that you maintain your software properly and apply security updates as soon as possible to reduce the time attackers have to exploit newly disclosed vulnerabilities.

It is also recommended not to expose connected objects on the Internet and to implement a properly configured firewall to protect them.

Source: “.com”

Woodmart Theme Nulled, WP Reset Pro, Newspaper 11.2, Newspaper – News & WooCommerce WordPress Theme, Premium Addons for Elementor, Rank Math Seo Pro Weadown, WeaPlay, WordPress Theme, Plugins, PHP Script, Jannah Nulled, Elementor Pro Weadown, Woocommerce Custom Product Ad, Business Consulting Nulled, Jnews 8.1.0 Nulled, Avada 7.4 Nulled, Nulledfire, Dokan Pro Nulled, Yoast Nulled, Flatsome Nulled, PW WooCommerce Gift Cards Pro Nulled, Astra Pro Nulled, Woodmart Theme Nulled, Slider Revolution Nulled, Wordfence Premium Nulled, Elementor Pro Weadown, Wpml Nulled, Consulting 6.1.4 Nulled, Fs Poster Plugin Nulled

Back to top button