This malware infects routers and connected objects

Cybersecurity researchers from AT&T Alien Labs announced that they have identified a new family of malware that attacks routers and connected objects (IoT). They called it BotenaGo. They indicate that it has the potential to affect millions of devices. To achieve this, it exploits nearly 30 different vulnerabilities.

AT&T Alien Labs researchers indicate that BotenaGo has similarities with the Mirai botnet and that antivirus products identify it as such. However, they explain that the malware’s payload was written in Go, an increasingly popular programming language that makes it harder to detect. On the VirusTotal service, BotenaGo was detected by only 6 out of 62 antivirus engines.

“Malware developers continue to develop new techniques for writing and enhancing the capabilities of malware,” said Ofer Caspi, security researcher at Alien Labs. “In the case of BotenaGo, it can be managed as a base and be used on different operating systems with minor manipulation.”

Another notable finding: the code analysis revealed that the hackers had a counter that let them know in real time the number of infected devices. Once infected, devices can be used to compromise a network or to infect new devices.

Malware still inactive

While it has the potential to compromise millions of devices, researchers have found that the malware is currently not communicating with any controlling server. The researchers suggest two possibilities to explain this lack of activity. The first is that this is just a beta that accidentally ended up on the Internet. The second is that BotenaGo could be only one module of a larger group of malware and will be used to target specific devices.

Whatever the real origin of the malware, the researchers recommend updating all connected objects in order to reduce the number of vulnerabilities that hackers can use. Finally, those who manage networks of connected objects are advised to stay on the lookout for any unusual use of bandwidth.
