Executive Summary: The Hide ‘N Seek botnet was first discovered in January 2018 and is known for its unique use of Peer-to-Peer communication between bots. Since its discovery, the malware family has seen a couple of upgrades, from the addition of persistence and new exploits, to targeting Android devices via the Android Debug Bridge (ADB).
Our researchers have discovered a new Mirai variant that uses 8 new vulnerabilities and targets new IoT devices.
Unit 42 discovers new samples of Mirai compiled for additional processors (Altera Nios II, OpenRISC, Tensilica Xtensa, and Xilinx MicroBlaze), potentially increasing the DDoS firepower of Mirai.
Unit 42 has discovered a new Mirai variant that targets business video display systems. It uses additional exploits, boosts the number of credentials for brute-force attacks and hosts its payload on the compromised website of a Colombian security firm.
Unit 42 has uncovered new variants of the well-known IoT botnets Mirai and Gafgyt.
Unit 42 documents the emergence of three malware campaigns built on publicly available source code for the Mirai and Gafgyt malware families that incorporate multiple known exploits affecting Internet of Things (IoT) devices.
Unit 42 examines the Reaper Group’s updated mobile arsenal, including a Bitcoin Ticker Widget and a PyeongChang Winter Games application.
Unit 42 discovers TeleRAT, an Android Trojan abusing Telegram’s Bot API for command and control and data exfiltration.