Mirai botnet used to steal confidential data via IoT devices


The notorious Mirai malware serves as a basis for a whole ecosystem of botnets.

Almost six years have passed since the Mirai botnet was discovered in August 2016. However, the malware that allowed some of the largest distributed denial-of-service (DDoS) attacks has mutated.
According to research by Intel 471, a cyber threat intelligence company, Mirai malware has since spurred many different botnets, all with seemingly similar objectives - to steal data using Internet of Things (IoT) devices.

Moreover, threat actors started actively developing and selling access to botnets built from the Mirai codebase, forming a botnet-based ecosystem.



BotenaGo Botnet Code Leaked to GitHub, Impacting Millions of Devices

The BotenaGo botnet source code has been leaked to GitHub, putting millions of routers and internet-of-things (IoT) devices at risk, researchers said.

In a Wednesday report, AT&T Alien Labs – which first discovered the difficult-to-detect malware in November – said it expects that the ready availability of the source code to malware authors will widen the number of attacks.

Uploading of the source code to GitHub “can potentially lead to a significant rise of new malware variants as malware authors will be able to use the source code and adapt it to their objectives,” Alien Labs security researcher Ofer Caspi wrote. “Alien Labs expects to see new campaigns based on BotenaGo variants targeting routers and IoT devices globally.”

Caspi said that as of yesterday, antivirus (AV) vendor detection for BotenaGo and its variants was still bumping along near the bottom when it comes to detecting the malware, with the BotenaGo samples discovered back in November still slipping past most AV software to infect systems with one of the most popular botnets: Mirai.