Cyber security news for all

More

    Cyber criminals are targeting vulnerability to attack Zyxel NAS devices

    There is a new variant of the Mirai botnet called Mukashi. The attackers are primarily looking at unpatched Zyxel devices on which the botnet is to be installed. The malware, called Mukashi uses brute force attacks with various combinations of standard credentials to log in to Zyxel NAS devices. The malware then tries to take control of these devices and add them to a botnet. The botnet can be used to carry out DDoS attacks.

    Pre Authentication Command Vulnerability

    Multiple ZyXEL devices contain a pre authentication command injection vulnerability that could allow a remote attacker to run arbitrary code on a vulnerable device without logging in. This security warning was issued on March 2020.

    Mukashi hinges on a pre-authentication command injection vulnerability (tracked as CVE-2020-9054), for which a proof-of-concept was only made publicly available last month. Mukashi has exploited the vulnerability in Zyxel NAS devices with firmware version. Then remote code execution attacks are carried out, as security researchers are observed. The malware has been scanning the ports for potential targets since last week and is launching brute force attacks to circumvent common combinations of usernames and passwords. Once the login has been bypassed, Mukashi connects to a command and control server that can issue commands to perform DDoS attacks. When analyzing the code of the Mukashi malware, the security researchers, despite the differences correspond to the Mirai botnet. At the end of 2019, the Mirai botnet paralyzed large parts of the internet or slowed down websites due to DDoS attacks. The Mirai source code was published online, giving cybercriminals the tools to build a botnet. Zyxel patched the vulnerability affecting network attached storage and firewall products last month, and it is strongly recommended that all Zyxel users install the firmware update to protect the devices from Mukashi attacks.

    Recent Articles

    Unclear cyber attacks that target Covid-19 vaccine campaign

    Security researchers have discovered some cyber attacks that are targeted against the delivery of vaccine against COVID. The targeted attacks began in 2 months...

    New malware called Egregor is on the rise

    New malware is on the rise. The Egregor malware has only been in active for 2 months, but it is already becoming apparent that...

    Anyone with a smartphone can become a victim of cyber-mobbing

    Cyber-mobbing is becoming a huge risk in the current COVID crisis. According to a study, almost 20 percent of students in Germany are exposed...

    macOS Trojans: Traces lead to Vietnam

    Security researchers have discovered a new macOS Trojans. Behind this could be a well known hacker group that has spied on Vietnamese dissidents in...

    Court forces Tutanota to perform a surveillance function

    Tutanota email only stores its user mails in encrypted form and cannot read them itself. Tutanota is one of the few email providers that...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox