Dark_Nexus Botnet Compromises Thousands of ASUS, D-Link Routers

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,048
A new botnet has compromised hundreds of ASUS, D-Link and Dasan Zhone routers over the past three months, as well as Internet of Things (IoT) devices like video recorders and thermal cameras.

The botnet, called dark_nexus (based on a string it prints in its banner), uses processes similar to previous dangerous IoT threats like the Qbot banking malware and Mirai botnet. However, dark_nexus also comes armed with an innovative module for enabling persistence and detection evasion, which researchers say “puts other [botnets] to shame.”

“While [dark_nexus] might share some features with previously known IoT botnets, the way some of its modules have been developed makes it significantly more potent and robust,” researchers with Bitdefender said in a Wednesday analysis. “For example, payloads are compiled for 12 different CPU architectures and dynamically delivered based on the victim’s configuration.”
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top