Researchers for the first time have discovered a variant of the
Mirai Internet of Things botnet that targets an vulnerability found in unpatched versions of the open-source Apache Struts web app development platform.
That bug is none other than the infamous
CVE-2017-5638, a remote code execution flaw that was exploited in the
Equifax data breach, according to a Sept. 9
blog post from
Palo Alto Networks’ Unit 42 threat research division. And the decision to strategically incorporate this bug could indicate a larger movement from consumer device targets to enterprise targets,” reports post author and researcher Ruchna Nigam.
CVE-2017-5638 is actually just one of 16 vulnerabilities that the Mirai variant abuses, including RCE and command injections bugs in a wide variety of networking devices, routers, CCTVs and DVRs.