A newly discovered Golang-based malware is using over 30 exploits in attacks, potentially putting millions of routers and Internet of Things (IoT) devices at risk of malware infection, according to a warning from AT&T Alien Labs.

Dubbed BotenaGo, the threat deploys a backdoor on the compromised device and then waits for commands, either from a remote operator or from a malicious module on the device, to initiate an attack.

As part of a typical BotenaGo attack, the malware first maps potential targets to attack functions, then queries the target with a GET request, searches the returned data, and only then attempts to exploit the vulnerable target.

On a compromised device, the malware creates two backdoor ports: 3142, and starts listening on port 19412 to receive the victim’s IP. Next, it loops through mapped exploit functions to execute them with the supplied IP.

AT&T Alien Labs researchers have identified a total of 33 exploit functions that BotenaGo initiates. One of the malware’s functions was designed to exploit CVE-2020-8958, a vulnerability that potentially affects over 2 million Guangzhou devices. Another one targets CVE-2020-10173, a vulnerability in the Comtrend VR-3033 routers that potentially impacts roughly 250,000 devices.
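A defender-side check for the listeners described above, as an added example that is not part of the original article or of the AT&T Alien Labs report: it parses `/proc/net/tcp`-format text and flags IPv4 sockets in LISTEN state on the ports this page names. The sample table is constructed, and the function names and the little-endian address encoding are assumptions.

```python
import socket
import struct

# Ports exactly as this page gives them for BotenaGo; adjust if your source differs.
BOTENAGO_PORTS = {3142, 19412}
TCP_LISTEN = 0x0A  # state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (not captured from a real device).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1 0 100 0 0 10 0
   1: 00000000:4BD4 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 2002 1 0 100 0 0 10 0
   2: 0100007F:0C46 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 3003 1 0 100 0 0 10 0
   3: 0A00000A:4BD4 0B00000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 4004 1 0 100 0 0 10 0
"""


def parse_listeners(proc_net_tcp_text):
    """Return (ip, port, inode) for every IPv4 socket in LISTEN state."""
    listeners = []
    for line in proc_net_tcp_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 10:
            continue  # blank or truncated row
        if int(fields[3], 16) != TCP_LISTEN:
            continue  # established/closing sockets are not listeners
        addr_hex, port_hex = fields[1].split(":")
        # Assumption: little-endian host, so the address hex is byte-swapped.
        ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
        listeners.append((ip, int(port_hex, 16), int(fields[9])))
    return listeners


def suspicious_listeners(proc_net_tcp_text, ports=BOTENAGO_PORTS):
    """Keep only listeners bound to one of the watched ports."""
    return [entry for entry in parse_listeners(proc_net_tcp_text) if entry[1] in ports]


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:  # live table on a Linux device
            table = fh.read()
    except OSError:
        table = SAMPLE_PROC_NET_TCP  # fall back to the constructed sample
    for ip, port, inode in suspicious_listeners(table):
        print(f"listener on {ip}:{port} (socket inode {inode}), identify the owning process")
```

The inode can be matched against the `socket:[inode]` links under `/proc/<pid>/fd` to find the process that owns a flagged listener.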