"BotenaGo Malware Could Threaten Millions of Routers and IoT Devices"
Cybersecurity researchers at AT&T Alien Labs detailed BotenaGo, a new form of Internet of Things (IoT) malware that leverages more than 30 different exploits. According to the researchers, BotenaGo applies different methods to attack targets and creates a backdoor on compromised devices. Because it uses over 30 exploits, BotenaGo could impact millions of routers and IoT devices, the researchers warned. Some anti-virus suites detect the malware as a variant of the IoT botnet Mirai. Although the payload initially appears similar, it is significantly different because it is written in the Go programming language. Go has been growing in popularity among developers and malware authors.

BotenaGo scans the Internet for vulnerable targets. An analysis of the code found that the attacker is presented with a live global infection counter showing the number of compromised devices at any given time. The attackers can exploit the vulnerabilities in the Internet-facing devices and execute remote shell commands, potentially creating a gateway to the wider network if it is inadequately secured. They could also use this option to distribute malicious payloads. However, at the time of analysis, these payloads had been removed from the servers hosted by the attackers.

BotenaGo has the potential to compromise millions of devices affected by the vulnerabilities detailed by the researchers, but currently there is no apparent communication with a command-and-control (C2) server. The researchers suggest that BotenaGo could be one module of a larger malware suite that is currently not being used in attacks. They also suggest that a beta version of it was accidentally released early and that it could still be in development. This article continues to discuss recent findings surrounding the BotenaGo malware.
ZDNet reports "BotenaGo Malware Could Threaten Millions of Routers and IoT Devices"