Cybersecurity researchers at AT&T Alien Labs announced that they had discovered a new family of malware that can attack routers and connected objects (IoT). They called it BotenaGo. They point out that it could potentially affect millions of devices. To achieve this, it uses almost 30 different vulnerabilities.
AT&T Alien Labs researchers note that BotenaGo has similarities with the Mirai botnet and is recognized by antivirus software. However, they explain that the malware payload is written in Go, an increasingly popular programming language that makes it difficult to detect. On the VirusTotal service, only 6 of 62 antivirus engines detected BotenaGo.
“Malware developers are constantly developing new technologies to write and improve the capabilities of malware,” said Ofer Caspi, a security analyst at Alien Labs. “In the case of BotenaGo, it can be managed as a base and used on different operating systems with little manipulation.”
Another notable fact is that code analysis reveals that the attackers have a counter, which lets them know the number of infected devices in real time. Once infected, devices can be used to compromise the network or to infect new devices.
Malware is not yet active
Although it has the ability to compromise millions of devices, researchers have found that the malware does not currently communicate with any command-and-control server. Researchers suggest two possibilities to explain the lack of this function. First, this may be only a beta version that reached the internet by accident. A second possibility considered by researchers is that BotenaGo could be just a single component of a larger set of malware and could be used to target specific devices.
Researchers recommend updating all connected devices to reduce the number of vulnerabilities that attackers could use, regardless of whether the malware actually becomes active. Finally, administrators of connected-object networks are advised to be on the lookout for unusual bandwidth usage.