A cryptomining botnet has been attacking unpatched routers since at least May 2019. It exploits a small set of critical vulnerabilities and targets multiple CPU architectures.
Named LiquorBot, the malware is written in Golang (Go) a programming language that has a syntax similar to C but presents some advantages, such as memory safety and garbage collection.
12+ versions in less than a year
Researchers at Bitdefender first saw LiquorBot on May 31, 2019, and tracked its evolution to a version discovered on October 10. Between these dates, 11 releases were identified:
... ...