Nozomi Networks cybersecurity experts: The malware is downloaded via Pay-Per-Install networks – online ad campaigns that prompt software in infected installers or software cracks.
Fortinet cybersecurity experts: Threat actors leverage the critical vulnerability CVE-2021-36260 to install and run the malware, a Mirai botnet variant.
AT&T Alien Labs cybersecurity experts: The new malware uses over 30 exploits and creates a backdoor waiting to attack through port 19412 or from another related module.
Cloudflare cybersecurity experts: The aggression was launched by more than 20,000 Mirai’s bots in 125 countries. Many of them originated from Indonesia, India and Brazil.
The bunch of vulnerabilities in Multiple open-source embedded TCP/IP stacks, used in IoT and embedded devices, pose a immediate risk for organizations.