A new variant of the Mirai Virus has targeted vulnerabilities in D-Link, Netgear and Sonicwall and also in previously unknown vulnerabilities in connected gadgets.
The Mirai bot network is currently attacking six known vulnerabilities in unpatched devices from D-Link, Netgear and Soncwall and three unknown vulnerabilities are likely to be used for connected gadgets, reports Threatpost.
The attacks have been going on since mid-February. After the attackers manage to get in, a malicious shell script is downloaded and the device becomes part of the botnet.
Since Mirai launched a first variant in 2016, around 60 variants have appeared – as recently as a year ago, Zyxel’s nas products were attacked.
This time, in addition to known vulnerabilities, those also previously known are not used.
We can not say with certainty which devices are in the firing line for the unidentified vulnerabilities, says Zhibin Zhang, chief researcher at Unit 42, to Threatpost
However, he adds that based on how Mirai has previously chosen his goals, it is probably about connected gadgets.