Self-Propagating ‘Zerobot’ Botnet Attacks Spring4Shell Vulnerabilities in IoT


According to cybersecurity solutions provider Fortinet, a newly discovered botnet capable of self-replication and self-propagation is targeting multiple Internet of Things (IoT) vulnerabilities for initial access.

The malware, dubbed Zerobot, is written in the Golang (Go) programming language and includes several modules for self-replication, self-propagation, and attacks on various protocols. The malware has been observed communicating with its command-and-control (C&C) server via WebSocket and targeting twelve architectures, including i386, amd64, arm64, arm, mips, mipsle, mips64, mips64le, ppc64, ppc64le, riscv64, and s390x.

Also Read: Preventing Cybercriminals from Using IoT Devices as a Gateway into the Enterprise Network

To date, Fortinet has identified two variants of the botnet, one with basic functions and another with the ability to replicate itself and target more endpoints, both of which have been distributed since mid-November.

Read More: Self-Propagating ‘Zerobot’ Botnet Targeting Spring4Shell, IoT Vulnerabilities