Best Top Reviews Online

The Zerobot IoT Botnet Enhances Exploits and DDoS Capabilities

The Internet of Things (IoT) botnet Zerobot has been updated with a longer list of exploits and DDoS capabilities.

Zerobot is a self-replicating and self-propagating malware program written in the Golang (Go) programming language that is capable of targeting twelve device architectures.

Fortinet analyzed two variants of the malware, one of which contained exploits targeting 21 known vulnerabilities, including the recent Spring4Shell and F5 Big-IP flaws, in addition to vulnerabilities in firewalls, routers, and surveillance cameras.

Microsoft published its analysis of Zerobot on Wednesday, warning that the malware had been updated to include exploits for two Apache and Apache Spark vulnerabilities, tracked as CVE-2021-42013 and CVE-2022-33891, respectively.

CVE-2021-42013, a server-side request forgery (SSRF) vulnerability patched in October 2021, is known to have been exploited by other botnets, including the Enemybot DDoS botnet.

Microsoft has analyzed a variant of Zerobot that includes exploits for CVE-2017-17105 (Zivif PR115-204-P-RS), CVE-2019-10655 (Grandstream), CVE-2020-25223 (Sophos SG UTM), and ZSL-2022-5717, in addition to previously reported exploits (MiniDVBLinux).

“Since the release of Zerobot 1.1, the malware operators have removed CVE-2018-12613, a phpMyAdmin vulnerability that could allow threat actors to view or execute files,” Microsoft explains, adding that some of the previously mislabeled vulnerabilities have been removed.

“Microsoft researchers have also discovered new evidence that Zerobot propagates by compromising devices with known vulnerabilities that are not included in the malware binary,” the tech company says.

Once a device has been compromised, Zerobot injects a script to execute the botnet malware (or a script to identify the device architecture and retrieve the appropriate binary) and achieves persistence.

The threat does not target Windows systems, but Microsoft has observed samples of Zerobot that can operate on Windows.

The updated Zerobot variant includes several new DDoS attack capabilities utilizing the UDP, ICMP, TCP, SYN, ACK, and SYN-ACK protocols.

Additionally, Zerobot can scan the Internet for additional targets to infect. It can scan sets of randomly generated IP addresses while attempting to identify honeypot IP addresses.

“Microsoft researchers also identified a sample that can run on Windows based on a cross-platform (Linux, Windows, macOS) open-source remote administration tool (RAT) with features such as managing processes, file operations, screenshotting, and running commands,” the company says.

Why Trust Us?

Best Top Reviews Online was established in 2018 to provide our readers with detailed, truthful, and impartial advice on what to buy. We now have millions of monthly users from all over the world and annually evaluate over a thousand products.

The above article was written by the BestTopReviewsOnline team, which consists of some of the most knowledgeable technical experts in the United States. Our team consists of highly regarded writers with vast experience in smartphones, computer components, technology apps, security, and photography, among other fields.

Related Stories

  • All Post
  • Best Picks
  • Explainers
  • How To
  • News
  • Versus

Get more info

Deals

Reviews

Best Products

Buying Guides

Contact Us

About Us

We provide a platform for our customers to rate and review services and products, as well as the stores that sell them. We research and compare the most popular brands and models before narrowing it down to the top ten, providing you with the most comprehensive and reliable buying advice to help you make your decision.

Disclaimer

BestTopReviewsOnline.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com. As an Amazon Associate I earn from qualifying purchases.

 

Address & Map

20 S Santa Cruz Ave, Suite 300, Los Gatos, CA 95030, United States

© 2022 BestTopReviewsOnline.com Pty. Ltd. All Rights Reserved. Licensing: All third-party trademarks, images, and copyrights used on this page are for comparative advertising, criticism, or review. As this is a public forum where users can express their opinions on specific products and businesses, the opinions expressed do not reflect those of BestTopReviewsOnline.com.