loader gif

Mirai Botnet Malware Offspring Graduates From University, Puts on a Suit, Slips Into Your Enterprise

Mirai Botnet Malware Offspring Graduates From University, Puts on a Suit, Slips Into Your Enterprise (Malware and Vulnerabilities)

Earlier this month, researchers at Palo Alto Networks' Unit 42 discovered and documented a fresh strain of Echobot, a botnet malware based on the leaked Mirai source code, that targets flaws in business tools. Specifically, this Echobot nastyware build tries to exploit, in addition to previously targeted vulnerabilities, CVE-2019-2725 in Oracle WebLogic Server and CVE-2018-6961 in VMware NSX SD-WAN to pressgang more machines into its web. Akamai security ace Larry Cashdollar noted on Thursday that in addition to expanding outward in its range of targets, Echobot is also looking further back in time to dig up long-forgotten security flaws. Cashdollar found that, beyond the Oracle and VMware exploits, several of the malware's other "new" exploits are, in fact, for vulnerabilities that have been around for nearly a decade, but for one reason or another did not get addressed. "It seems the updates to Echobot are targeting systems that have possibly remained in service, but whose vulnerabilities were forgotten." So basically, patch if you can, and if you can't, remove that vulnerable device or installation from the internet or network before Echobot finds it.

loader gif