Mozi Botnet Accounts for a Major Share of IoT Traffic

Mozi Botnet

Mozi’s spike is witnessed amid a huge increase in the overall IoT botnet activity. The Mozi botnet, a peer-2-peer malware previously known for taking over D-Link, Netgear, and Huawei routers, has increased in size, accounting for 90% of observed traffic flowing across all internet of things (IoT) devices, confirmed the researchers.

IBM X-Force notified about Mozi’s spike within its telemetry, owing to the huge increase in the overall IoT botnet activity globally. Combined IoT attack instances from October through June are up by 400% than the combined IoT attack instances for the last two years.

Read More: Australian Government Launches Voluntary IoT Cyber Security Code of Practice

“Attackers have been leveraging these devices for some time now, most notably via the Mirai botnet,” confirmed IBM. Mozi is successful largely through the use of command-injection (CMDi) attacks, resulting from the misconfiguration of IoT devices. The continued growth of IoT usage, coupled with the poor configuration protocols are the most common culprits behind this jump. This increase is fueled further by corporate networks being accessed remotely more often due to COVID-19.