The Hacker News reports that an updated Zerobot botnet has been exploiting 21 vulnerabilities in Internet of Things devices and software in a new malware campaign that began after November 18. Some of the vulnerabilities used by Zerobot include flaws affecting F5 BIG-IP, HIkvision cameras, Zyxel firewalls, TOTOLINK routers, D-Link DNS-320 network attached storage, and Spring Framework, a Fortinet FortiGuard Labs report showed. Numerous modules for self-replication, self-propagation, and for other attack protocols have been integrated in Zerobot, which also leverages the WebSocket protocol for command-and-control server communication. Following contact with the C2 server, Zerobot will be waiting for commands for facilitating arbitrary command execution, as well as attacks targeting the TCP, TLS, HTTP, ICMP, and UDP protocols. "Within a very short time, [Zerobot] was updated with string obfuscation, a copy file module, and a propagation exploit module that make[s] it harder to detect and gives it a higher capability to infect more devices," said researcher Cara Lin.