The nefarious minds behind a dangerous malware called BotenaGo uploaded its source code to GitHub on October 16th 2021, according to new research by AT&T Alien Labs. This could mean that hackers around the world, who now have access to this source code, will be able to create their own versions of the malware and adapt it to their own attack objectives.
There is concern that BotenaGo malware ‘variants’ will begin to surface quickly and go largely undetected because, as it stands, antivirus (AV) vendor detection for BotenaGo and its variants remains behind, with very low detection coverage from most AV vendors – only 3 out of 60 can currently detect it.
Ofer Caspi, malware researcher at AT&T Alien Labs, stated they “expect to see new campaigns based on BotenaGo variants targeting routers and IoT devices globally.”
In November 2021, AT&T Alien Labs™ published research detailing the discovery of the BotenaGo malware, which had not previously been seen. The malware is written in the open-source programming language Golang, contains a total of only 2,891 lines of code (including empty lines and comments) and has been described as “simple yet efficient”.
It contains key malware capabilities such as:
The BotenaGo malware can exploit vulnerabilities in IoT devices like routers including those manufactured by Netgear, D-Link, Linksys and ZTE.
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic