Our Unit 42 researchers have identified a variant of the IoT/Linux botnet “Tsunami”. They have named this variant "Amnesia", and you can read about it here: New IoT/Linux Malware Targets DVRs, Forms Botnet.
The post by Unit 42 covers how the Amnesia malware is delivered and distributed within the targeted network and describes how it targets an unpatched vulnerability affecting Chinese-made DVRs. Analysis shows that 227,000 devices worldwide are at risk. The top five countries in terms of exposure are: Taiwan, the United States, Israel, Turkey, and India. This is a scenario similar to the Mirai botnet from the fall, and there is a real risk that this botnet could be used to levy DDoS attacks.
Palo Alto Networks has blocked the Domains used by this malware for command and control through PAN-DB and Threat Prevention.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
| Subject | Likes |
|---|---|
| 5 Likes | |
| 3 Likes | |
| 3 Likes | |
| 3 Likes | |
| 2 Likes |
| User | Likes Count |
|---|---|
| 11 | |
| 4 | |
| 3 | |
| 3 | |
| 2 |
