The BotenaGo botnet source code has been leaked to GitHub, putting millions of routers and internet-of-things (IoT) devices at risk, researchers said.
In a Wednesday report, AT&T Alien Labs – which first discovered the difficult-to-detect malware in November – said it expects that the ready availability of the source code to malware authors will widen the number of attacks.
Uploading of the source code to GitHub “can potentially lead to a significant rise of new malware variants as malware authors will be able to use the source code and adapt it to their objectives,” Alien Labs security researcher Ofer Caspi wrote. “Alien Labs expects to see new campaigns based on BotenaGo variants targeting routers and IoT devices globally.”
Caspi said that as of yesterday, antivirus (AV) vendor detection for BotenaGo and its variants was still bumping along near the bottom when it comes to detecting the malware, with the BotenaGo samples discovered back in November still slipping past most AV software to infect systems with one of the most popular botnets: Mirai.
How2make BotenaGo go go away?
Alien Labs researchers recommend three steps to keep this malware off devices:
- Maintain minimal exposure to the Internet on Linux servers and IoT devices and use a properly configured firewall.
- Install security and firmware upgrades from vendors, as soon as possible;And check your system for unnecessary open ports and suspicious processes.
Credits: https://threatpost.com/botenago-botnet-code-leaked-to-github/178059/
Top comments (0)