A new botnet malware has been unveiled by the security researchers which is targeting IoT devices.
The botnet is targeting internet-connected smart devices and are using these devices to perform DDoS attacks and cryptocurrency coin mining. The Botnet is written in Go language and armed with a proprietary peer-to-peer (P2P) protocol, spreads via a brute-force attack of the Telnet and can execute arbitrary shell commands.
Researchers have reported that the botnet is still in its early stages of development but already has 3 separate modules. The botnet has a propagation module, a local HTTP service module, and a P2P module.
A malicious Shell script named “wpqnbw.txt,” was found to be the origin of the attack. The shell script uses this Shell script to download various malicious modules from the hacker-controlled websites. The downloaded module is based on the different CPU architectures and functioning.
The botnet further starts a HTTP server that displays the Universal Declaration of Human Rights in eight different languages and subsequently initializing a P2P module that keeps track of the infected peers and allows the attacker to run arbitrary shell commands.
The botnet has the feature of deleting all the data of compromised device and other commands make it possible to restart a bot, update the list of peers, and exit the current running bot. The researchers have claimed that the botnet is using brute force attack to hack the telnet ports and amplify itself.
NPAV recommends users to always use secure internet connections and never connect to any untrusted or insecure network. Install NPAV on your devices to keep them protected from all kinds of botnet and other cyber attacks. NPAV ensures device and network security by guarding against cyber attacks.
Use NPAV and join us on a mission to secure the cyber world.