Mirai is a terrible IoT botnet that has caused headaches for DDos attacks worldwide. Now Mirai’s variant seems to have emerged. According to security researchers, it not only uses Mirai’s similar evolution strategy, but also seems to be based on the Mirai architecture, and its attack power is greatly increased.
Security researchers referred Echobot malicious software , which comes with 8 extra vulnerability exploits, some of which have not patched vulnerabilities.
Security researcher Larry Cashdollar explained, “Botnet developers are always looking for ways to spread malware. They are not just relying on exploiting new vulnerabilities that target IoT devices, but vulnerabilities in enterprise systems as well. Some of the new exploits they’ve added are older and have remained unpatched by the vendor. It seems the updates to Echobot are targeting systems that have possibly remained in service, but whose vulnerabilities were forgotten. This is an interesting tactic as these systems if found have remained vulnerable for years and will probably remain vulnerable for many more.”
The security researchers who first discovered the malware said that Echobot not only can locate connected devices like Mirai, but also track enterprise applications. Cashdollar has also been paying attention to Echobot’s changes. He said that some flaws are still not officially recognized and there is no CVE identifier. But compared to Mirai, it is true that Echobot is trying to spread via more infected devices. It has been a bigger threat than Mirai as it widely expands its range of targets. This threat is also trying to exploit security flaws from the past. It looks for login and code execution vulnerabilities, so hackers can attack users without authentication.
Cashdollar added that Echobot has shared some source code with Mirai, and anyone who is ready to launch a DDoS attack in the future. And given the multiple Echobot variants, the researchers believe that multiple versions of the attack may occur in the future.
Published by & last updated on June 24, 2019 3:20 am