Moobot Milks Tenda Router Bugs for Propagation
#1
Information 
Quote:A variant of the Mirai botnet called Moobot saw a big spike in activity recently, with researchers picking up widespread scanning in their telemetry for a known vulnerability in Tenda routers. It turns out that it was being pushed out from a new cyber-underground malware domain, known as Cyberium, which has been anchoring a large amount of Mirai-variant activity.
 
According to AT&T Alien Labs, the scanning for vulnerable Tenda routers piqued researcher interest given that such activity is typically rare. The targeted bug is a remote code-execution (RCE) issue (CVE-2020-10987).
 
“This spike was observed throughout a significant number of clients, in the space of a few hours,” according to an AT&T analysis, released Monday. “This vulnerability is not commonly used by web scanners and was barely detected by our honeypots during the last six months, except for a minor peak in November.”
 
Following the breadcrumbs of the activity, researchers tracked down the infrastructure behind the Tenda scans in late March – discovering that it was being used to scan for additional bugs, in the Axis SSI, Huawei home routers (CVE-2017-17215) and the Realtek SDK Miniigd (CVE-2014-8361). It was also deploying a DVR scanner that tried default credentials for the Sofia video application. These compromise efforts were tied to a variety of different Mirai-based botnet infections, including the Satori botnet.

Read more: Moobot Milks Tenda Router Bugs for Propagation | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Messages In This Thread
Moobot Milks Tenda Router Bugs for Propagation - by silversurfer - 15 June 21, 11:56

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
uBOLite_2024.12.23.23
uBOLite_2024.12.23...harlan4096 — 10:29
You found a seed phrase from someone els...
Scammers have inve...harlan4096 — 09:58
Google files remedies proposal in DOJ's ...
The U.S. Departmen...harlan4096 — 09:48
PowerToys 0.87.1
PowerToys 0.87.1 ...harlan4096 — 09:46
GFYI [Official] EaseUS Christmas 2024 B...
Merry Christmas and ...zevish — 08:07

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>