BotenaGo is a virus developed in Golang (Go), a programing language that has exploded in popularity in recent years, with malware developers praising it for producing harder-to-detect and reverse-engineer payloads.
A botnet, as explained by Cezarina, is a collection of infected computers or other internet-connected devices that interact with one another to carry out the same malicious acts, such as spam campaigns or distributed denial-of-service attacks. Online criminals can remotely manipulate the network to serve their own goals, allowing them to escape detection and legal prosecution by law enforcement agencies.
As reported by BleepingComputer the botnet incorporates 33 exploits that will be used for a spread of routers, modems, and NAS devices.
AT&T researchers investigated the new botnet and discovered that it targets many devices with features that exploit the holes mentioned above.
The BotenaGo malware starts by initializing global infection counters that will be printed to the screen, informing the hacker about total successful infections.(Figure 2)
It then looks for the ‘dlrs’ folder in which to load shell scripts files. A loaded script will be concatenated as ‘echo -ne %s >> ‘. If