P2PInfect malware variant targets IoT devices

Cybersecurity researchers from Cado Security Labs have uncovered a novel variant of the P2PInfect botnet that poses a heightened risk by targeting IoT devices.

The latest P2PInfect variant – compiled for Microprocessor without Interlocked Pipelined Stages (MIPS) architecture – signifies an expansion of the malware's capabilities, potentially paving the way for widespread infections.

Security researcher Matt Muir highlighted the significance of targeting MIPS,...

Fronton botnet can launch trending disinformation campaigns

A Russian IoT botnet known as Fronton can use inauthentic coordinated behaviour to launch disinformation trends on social media.

“Trends” on social media platforms are how many people keep updated with what’s going on in the world. There’s growing awareness of not believing everything that’s posted under a trend – especially around developing events like terror attacks – but there’s often an acceptance that it’s trending because enough real people are posting...

Mirai variant ‘Beastmode’ exploits fresh vulnerabilities

A variant of the Mirai botnet called Beastmode has been observed exploiting recently discovered vulnerabilities.

The Mirai botnet is composed primarily of IoT and embedded devices. In 2016, Mirai made national headlines when it used exploited connected devices to overwhelm several high-profile targets with record-setting Distributed Denial-of-Service (DDoS) attacks.

Mirai’s original creator was arrested in the fall of 2018 but variants have continued to emerge which...

Netlab researchers discover IoT botnets HEH and Ttint

Security researchers from Netlab have discovered two new IoT botnets called HEH and Ttint.

Netlab is the network research division of Chinese cybersecurity giant Qihoo 360. The company’s researchers first spotted the Ttint botnet targeting Tenda routers using two zero-day vulnerabilities.

Ttint spreads a remote control trojan based on code from the Mirai malware.

Mirai caused widespread chaos in 2016 when it hit DNS provider Dyn and impacted popular services...

IBM X-Force discovers Mozi botnet accounts for 90% of IoT traffic

Security experts from IBM X-Force have discovered that the Mozi botnet now accounts for 90 percent of traffic from IoT devices.

Mozi evolved from the source code of infamous malware families such as Mirai, IoT Reaper, and Gafgyt. The botnet is capable of DDoS attacks, data exfiltration, and command or payload execution.

IoT devices with weak security, predominantly unpatched routers and DVRs, are sought by Mozi to add to its ranks. Mozi has compromised popular routers...

Bitdefender: New botnet is targeting millions of IoT devices

Security researchers from Bitdefender have uncovered a new botnet which is targeting millions of IoT devices.

The so-called dark_nexus botnet seeks to infect common IoT devices like smart cameras, routers, and more. Bitdefender named dark_nexus after a string that appears in its user agent when it carries out exploits over HTTP: “dark_NeXus_Qbot/4.0”.

Qbot is another IoT malware which dark_nexus takes inspiration from. Bitdefender found some code from Qbot, and the...