Mysterious Malware Targets Routers and IoT Devices

 


Security researchers at Alien Labs discovered a mysterious malware that can exploit dozens of security holes that exist on various devices.

The mysterious malware is called BotenaGo, and can use various methods to launch its attacks and create a backdoor on the infected device.


"(This malware) is equipped with more than 30 exploits, and has the potential to target millions of routers and IoT devices," said the researcher at Alien Labs.



Some antivirus programs detect this malware as a variant of Mirai, which is a botnet malware for IoT devices. Mirai is a malware whose botnet dominated DDoS attacks in 2016.


Although the contents look the same, BotenaGo differs significantly from Mirai: it is written in the Go programming language, which has become popular among developers in recent years and is also often used to create malware.




BotenaGo can search for its victims on the internet, and from the analysis of the code sequences it can be seen that the creators of this malware can count how many devices have been infected.


The malware's creator can then control the infected device using remote shell commands. That way the infected device can become a doorway into a wider network.


The creator can also send malicious packages to the infected device. However, when BotenaGo was analyzed, the packages had already been removed from the server used by the creator.


It is possible that at this time BotenaGo has infected millions of devices connected to the internet, namely devices that have security holes discovered by researchers at Alien Labs. But so far there has been no communication between the victim's device and the BotenaGo server.


From these findings, researchers have concluded that there are three possibilities for what BotenaGo is. First, BotenaGo may be just a small module of a malware pool that is not currently in use.


Second, BotenaGo may indeed still be related to Mirai, functioning behind Mirai while targeting certain devices. Finally, BotenaGo may still be in development, and a beta version accidentally spread online.
