Cybercrime, BotenaGo targets millions of routers and IoT devices

AT&T Alien Labs cybersecurity experts: BotenaGo targets millions of routers and IoT devices. The new malware uses over 30 exploits and creates a backdoor that waits to receive a target to attack, either through port 19412 or from another related module.

BotenaGo is a new malware, written in Golang and deployed with more than 30 exploits, with the potential to target millions of routers and IoT devices. It was discovered by AT&T Alien Labs cybersecurity experts. The malware creates a backdoor and waits to receive a target to attack, either from a remote operator through port 19412 or from another related module running on the same machine. It is not yet clear which threat actor is behind the malware or how many devices are infected. It can receive commands to target victims in two ways:

  • It creates two backdoor ports: 31412 and 19412. On port 19412 it listens to receive the victim IP. Once a connection carrying that information is received on that port, it loops through its mapped exploit functions and executes them with the given IP;
  • It sets a listener to system IO (terminal) user input and can receive a target through it.
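
As an added example (not from the original article or from AT&T Alien Labs), the sketch below checks a Linux host for sockets listening on the two ports named above by parsing `/proc/net/tcp`-format tables. The sample table, its inode numbers and the function names are constructed for illustration.

```python
# Added example: flag LISTEN sockets on the two BotenaGo backdoor ports
# named in the article, using Linux /proc/net/tcp-style tables.
from pathlib import Path

BACKDOOR_PORTS = {19412, 31412}   # from the article
TCP_LISTEN = "0A"                 # kernel's hex code for the LISTEN state

# Constructed sample in /proc/net/tcp layout (not captured from a real device).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 00000000:4BD4 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 2002
   2: 00000000:7AB4 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 2003
   3: 0A00000A:C350 0B00000A:4BD4 01 00000000:00000000 00:00000000 00000000     0        0 3004
"""

def find_backdoor_listeners(table_text, ports=BACKDOOR_PORTS):
    """Return sorted (port, inode) pairs for LISTEN sockets on watched ports."""
    hits = []
    for line in table_text.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 10:
            continue                              # truncated or blank row
        local, state, inode = fields[1], fields[3], fields[9]
        # Address is hex "ADDR:PORT"; rpartition also copes with IPv6 rows.
        port = int(local.rpartition(":")[2], 16)
        if state == TCP_LISTEN and port in ports:
            hits.append((port, int(inode)))
    return sorted(hits)

def scan_host():
    """Scan the live IPv4 and IPv6 tables where they exist (Linux only)."""
    hits = []
    for name in ("/proc/net/tcp", "/proc/net/tcp6"):
        path = Path(name)
        if path.is_file():
            hits += find_backdoor_listeners(path.read_text())
    return sorted(hits)

if __name__ == "__main__":
    print("sample:", find_backdoor_listeners(SAMPLE))
    print("host:  ", scan_host())
```

A returned inode can be matched to its owning process through the `socket:[inode]` links under `/proc/<pid>/fd`. Row 3 of the sample is an outbound connection whose remote port is 19412, which the check ignores because it only reports local listeners.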