Security Architecture, Endpoint/Device Security, IoT, Threat Management, Threat Management, Malware, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Unlucky 13: Mirai variant uses baker’s dozen of exploits to compromise IoT devices

Researchers at Trend Micro have discovered another new variant of Mirai botnet malware that uses a unique combination of 13 exploits designed to hijack IoT devices.

With these 13 exploits, this "Backdoor.Linux.MIRAI.VWIPT" variant is capable of targeting Vacron network video recorders, Dasan GPON routers, D-Link devices, various CCTV-DVR vendors, devices using Realtek SDK with the miniigd daemon, EirD1000 wireless routers, Netgear DGN1000 devices, Netgear R7000 and R6400 devices, MVPower DVRs, Huawei HG532 routers, Linsys E-series routers and ThinkPHP 5.0.23/5.1.31.

In a blog post today, Trend Micro reports that the newly discovered variant is similar to a 2018 variant called Omni, which used 11 of the above exploits, excluding the ones for Linksys and ThinkPHP, which have been seen in other variants.

Backdoor.Linux.MIRAI.VWIPT comes with brute-force capabilities using a few dozen commonly seen credentials.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.