Security Architecture, Endpoint/Device Security, IoT, Threat Management, Threat Management, Malware, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Unlucky 13: Mirai variant uses baker’s dozen of exploits to compromise IoT devices

Researchers at Trend Micro have discovered another new variant of Mirai botnet malware that uses a unique combination of 13 exploits designed to hijack IoT devices.

With these 13 exploits, this "Backdoor.Linux.MIRAI.VWIPT" variant is capable of targeting Vacron network video recorders, Dasan GPON routers, D-Link devices, various CCTV-DVR vendors, devices using Realtek SDK with the miniigd daemon, EirD1000 wireless routers, Netgear DGN1000 devices, Netgear R7000 and R6400 devices, MVPower DVRs, Huawei HG532 routers, Linsys E-series routers and ThinkPHP 5.0.23/5.1.31.

In a blog post today, Trend Micro reports that the newly discovered variant is similar to a 2018 variant called Omni, which used 11 of the above exploits, excluding the ones for Linksys and ThinkPHP, which have been seen in other variants.

Additionally,
Backdoor.Linux.MIRAI.VWIPT comes with brute-force capabilities using a few dozen commonly seen credentials.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Related

Security concerns curb open source utilization

Open source software utilization has been scaled back by nearly 40% of industry professionals due to security concerns, with more than 50% reducing open source usage following the emergence of the widespread Log4j vulnerability, The Register reports.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.