IoT security is a little bit weaker today.
The code for Satori, the next evolution of the infamous Mirai IoT botnet, is now publicly available. Satori expands the botnet malware by including exploits for software vulnerabilities. This goes beyond the weak passwords that Mirai exploited to gain control of devices. Although Satori is somewhat limited, specifically targeting Huawei devices, it does provide insight into how this strain will evolve.
I expect the next versions to include a growing list of software vulnerabilities to enlarge the botnet herds that attackers can then leverage for DDoS campaigns. The battle will become a race condition where the various authors will work to include new vulnerabilities before users patch and block them.
With the code now in the wild, any malicious author can use it as a foundation to create an offshoot.
Related News Articles:
- Satori IoT botnet malware code given away for Christmas
- Malware behind Satori botnet posted to Pastebin
Isn't it always a race?
Good guys against the Bad guys. Seems like a never-ending race.
What is Satori IoT botnet?
The newest version of Mirai, also a botnet, that hijacked several hundreds of thousands of IoT devices and created the largest denial-of-service attacks ever seen. Mirai also brought down much of the East Coast internet for a short period in 2017.
Seems interesting but confusing, at least from my perspective.
Bad malware, getting worse.
The evolution of malware is relentless. IoT is the next big target.