New Mirai Variant Targeting IoT & Network Security Devices

Think hackers only want to hack into banks, doctors’ offices, and Twitter?  That kind of thinking will get you nowhere.  With the Internet of Things (called IoT), hackers have thousands of new targets – including network security devices.

Recently, experts have discovered attacks on these vulnerabilities:

  • VisualDoor (a SonicWall SSL-VPN exploit).
  • CVE-2020-25506 (a D-Link DNS-320 firewall exploit).
  • CVE-2020-26919 (a Netgear ProSAFE Plus exploit).
  • Possibly CVE-2019-19356 (a Netis WF2419 wireless router exploit).

The attacks are ongoing.  When a hacker gets into a device, they try to download a malicious shell script that contains further infection instructions such as downloading and executing virus variants.

Specifically, the wget utility is used to download a shell script from the malware infrastructure. The shell script then downloads several Mirai binaries that are compiled for different architectures.  The downloaded binaries are then executed, wreaking havoc.

As you can see, several of these vulnerabilities are CRITICAL.

Make sure your individual network security devices are fully protected against hacking.

Leave a Comment