New IoT/Linux Malware Targets DVRs, Forms Botnet

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Team Member

Our Unit 42 researchers have identified a variant of the IoT/Linux botnet “Tsunami”. They have named this variant "Amnesia", and you can read about it here: New IoT/Linux Malware Targets DVRs, Forms Botnet


The post by Unit 42 covers how the Amnesia malware is delivered and distributed within the targeted network and describes how it targets an unpatched vulnerability affecting Chinese-made DVRs. Analysis shows that 227,000 devices worldwide are at risk. The top five countries in terms of exposure are: Taiwan, the United States, Israel, Turkey, and India. This is a scenario similar to the Mirai botnet from the fall, and there is a real risk that this botnet could be used to levy DDoS attacks.


Palo Alto Networks has blocked the Domains used by this malware for command and control through PAN-DB and Threat Prevention. 

Register or Sign-in
Top Liked Authors