Mozi’s spike is witnessed amid a huge increase in the overall IoT botnet activity. The Mozi botnet, a peer-2-peer malware previously known for taking over D-Link, Netgear, and Huawei routers, has increased in size, accounting for 90% of observed traffic flowing across all internet of things (IoT) devices, confirmed the researchers.
IBM X-Force notified about Mozi’s spike within its telemetry, owing to the huge increase in the overall IoT botnet activity globally. Combined IoT attack instances from October through June are up by 400% than the combined IoT attack instances for the last two years.
“Attackers have been leveraging these devices for some time now, most notably via the Mirai botnet,” confirmed IBM. Mozi is successful largely through the use of command-injection (CMDi) attacks, resulting from the misconfiguration of IoT devices. The continued growth of IoT usage, coupled with the poor configuration protocols are the most common culprits behind this jump. This increase is fueled further by corporate networks being accessed remotely more often due to COVID-19.