Communications of the ACM

ACM TechNews

BotenaGo Botnet Targets Millions of IoT Devices with 33 Exploits


BotenaGo was written in Golang (Go), which has been exploding in popularity in recent years, with malware authors loving it for making payloads that are harder to detect and reverse engineer.


AT&T researchers found the BotenaGo malware botnet uses 33 exploits to attack millions of routers, modems, network attached storage, and Internet of Things devices.

Once installed, the malware listens on two ports, waiting for an IP address to be sent to it, after which it exploits each vulnerability on that IP address to obtain access.

BotenaGo then executes remote shell commands to recruit the device into the botnet.

The researchers were unable to retrieve any payloads on the hosting server for analysis, nor could they find an active C2 communication between BotenaGo and an actor-controlled server.

The researchers believe BotenaGo is only one part of a multi-stage modular malware attack.

They note that a sample from its early development stage was leaked accidentally into the wild and that the malware is not yet operational.

From BleepingComputer


Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA

