![]() ![]() ![]() It uses port 3933 to receive commands from the command and control ( C&C) server, such as HTTP Flood DDoS attacks. It is also capable of scanning for specific devices and unpatched systems, and using one of the exploits in its list to attack and infect. Much like prior campaigns, the new botnet variant is capable of scanning for exposed Telnet ports and using default access credentials with infected devices. Out of the 27 exploits that this Mirai variant uses – previously used to target embedded devices such as IP cameras, network storage devices, and routers via Apache Struts – 11 are new to the malware family, and specifically targets WePresent WiPG-1000 Wireless Presentation systems and LG Supersign TVs. The new malware variant (detected by Trend Micro as and ) was detected in early January of 2019 from a compromised website in Colombia tailoring to security and alarm integration, widening the possible impact to small and big businesses alike according to Palo Alto’s report. Analysis revealed that the variant uses old and new exploits, and that the cybercriminals behind this botnet have also expanded its built-in list of credentials to brute force into internet of things ( IoT) devices and networks using default passwords. Researchers found a new Mirai variant in the wild targeting smart signage TV and wireless presentation systems commonly used by businesses.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |