‘BotenaGo’ Malware Targets Routers, IoT Devices with Over 30 Exploits

13
BotenaGo Malware Targets Routers_ IoT Devices with Over 30 Exploits

The BotenaGo threat is using the back door of a damaged device, and then waits for instructions – either from a remote operator or malicious module on the device – to launch an attack.

As part of a routine BotenaGo attack, a malware program starts by mapping out what might be available to attack operations, then asks the target for a GET request, then searches for retrieved data, and then attempts to exploit the targeted vulnerability.

On a compromised device, a malware program creates two back holes: 31412 and 19412, and then starts listening to port 19412 to receive the victim’s IP. Next, it goes into the exploit operations mapped to do it with a given IP. Researchers at AT&T Alien Labs have identified a total of 33 bullying activities initiated by BotenaGo.

Read More: Securityweek

For more such updates follow us on Google News ITsecuritywire News