Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

6/7/2018
10:00 AM

7 Variants (So Far) of Mirai

Mirai is an example of the newest trend in rapidly evolving, constantly improving malware. These seven variants show how threat actors are making bad malware worse.
6 of 8

OMG

The old saying goes, "There's more than one way to skin a cat." There's also more than one way to monetize a botnet, and the OMG Mirai variant takes a commercial tack that is far removed from the original.

Where all the variants of Mirai discussed so far were DDoS engines, OMG, just like the original, uses 3proxy, an open source proxy server, to turn any infected device into a proxy server that can then be used for a variety of purposes. OMG even goes so far as to check for, and rewrite, firewall rules to ensure that the ports used by the new proxy server can transit the network perimeter with no trouble.

OMG provides a network of proxy servers that can be rented out for use by a huge number of clients, whether they're looking for DDoS generators, a SPAM network, crypto-jacker scheme, or ransomware empire. No matter the demand, the OMG proxy network can provide the illicit proxy.

(Image: BeeBright VIA SHUTTERSTOCK)

6 of 8
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
MarkSindone
50%
50%
MarkSindone,
User Rank: Moderator
12/22/2018 | 1:30:53 AM
Under control
Malware, like technology, is constantly improving. There really isn't any particular one way that can totally diminish this entire threat for good. However, it is still in our best interests that we take note of them so as to know what to expect and how to handle and take them down for good using the correct methods. If we find out about them without knowing the counter measures to be put in place, then we might suffer even tougher consequences that might just be irreversible.
PaulChau
50%
50%
PaulChau,
User Rank: Strategist
12/18/2018 | 2:59:56 AM
Beat the robots
It's scary to think that there are more than people trying to introduce hazards and dangers into our systems you know. These bots are so easily configured to attack from a different angle just by switching up a line or two of code! Security teams are really going to have to work hard to stay ahead of the game now!
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11697
PUBLISHED: 2020-06-05
In Combodo iTop, dashboard ids can be exploited with a reflective XSS payload. This is fixed in all iTop packages (community, essential, professional) for version 2.7.0 and in iTop essential and iTop professional packages for version 2.6.4.
CVE-2020-13646
PUBLISHED: 2020-06-05
In the cheetah free wifi 5.1 driver file liebaonat.sys, local users are allowed to cause a denial of service (BSOD) or other unknown impact due to failure to verify the value of a specific IOCTL.
CVE-2020-13868
PUBLISHED: 2020-06-05
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. CSRF affects comment integrity.
CVE-2020-13869
PUBLISHED: 2020-06-05
An issue was discovered in the Comments plugin before 1.5.6 for Craft CMS. There is stored XSS via a guest name.
CVE-2020-13870
PUBLISHED: 2020-06-05
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. There is stored XSS via an asset volume name.