Unlucky 13: Mirai variant uses baker's dozen of exploits to compromise IoT devices

News by Bradley Barth

The newly discovered variant is similar to a 2018 variant called Omni

Researchers at Trend Micro have discovered another new variant of Mirai botnet malware that uses a unique combination of 13 exploits designed to hijack IoT devices.

With these 13 exploits, this "Backdoor.Linux.MIRAI.VWIPT" variant is capable of targeting Vacron network video recorders, Dasan GPON routers, D-Link devices, various CCTV-DVR vendors, devices using Realtek SDK with the miniigd daemon, EirD1000 wireless routers, Netgear DGN1000 devices, Netgear R7000 and R6400 devices, MVPower DVRs, Huawei HG532 routers, Linsys E-series routers and ThinkPHP 5.0.23/5.1.31.

In a blog post today, Trend Micro reports that the newly discovered variant is similar to a 2018 variant called Omni, which used 11 of the above exploits, excluding the ones for Linksys and ThinkPHP, which have been seen in other variants.

Additionally, Backdoor.Linux.MIRAI.VWIPT comes with brute-force capabilities using a few dozen commonly seen credentials.

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Webcasts and interviews 

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop