A newly discovered different form of Mirai malware leveraging Open-Source Project called Aboriginal Linux to infect multiple cross-platforms such as routers, IP cameras, connected devices, and even Android devices.
Mirai malware has strong records of infecting poorly managing IoT devices and performing DDOS attacks on various platforms.
Mirai Malware(Mirai.linux) initially reported in 2016, since than Malware authors are performing various modification and added the more stealthy techniques to target various platforms.
In order to run the malware on cross-platform, it must be able to run on different architectures without any runtime surprises or misconfiguration.
In this case, the researcher discovered a remote server that contains multiple malware variants that can use for multiple platforms.
The initial stage of infection starts with a shell script that injecting into vulnerable devices and the shell script keeps tries to download from the remote server.
Later it executes the each and ever individual executables one by one and it keeps checking until a binary compliant with the current architecture is found.
If any one of the executables executed successfully then it will be ultimately responsible for Mirai Payload that will scan the target for devices with default credentials, or vulnerabilities to exploit the target.
According to Symantec, These variants have been created by leveraging an open-source project called Aboriginal Linux that makes the process of cross-compilation easy, effective, and practically fail-proof.
In this case, Malware authors leveraging the legitimate tools such as this cross-platform to effectively achieve the goal of the attack.
It helps to malware variants to become more robust and compatible with multiple architectures and devices.
Also, it will exploit the variety of devices ranging from routers, IP cameras, connected devices, and even Android devices.
when it was executed within the contained environment by the researcher, it attempted to scan more than 500,000 IP addresses generated through the random generation process.
Mirai Based Botnet “OMG” Turns IoT Device into a Proxy Server
Hackers who created Dangerous Mirai IoT Botnet Plead Guilty
Dangerous Mirai Botnet Attack Attempts Detected Again from 9,000 Unique IP Addresses
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…
White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…