Millions of Routers, IoT Devices at Risk from New Open-Source Malware

BotenaGo, written in Google’s Golang programming language, can exploit more than 30 different vulnerabilities.

Newly surfaced malware that is difficult to detect and written in Google’s open-source programming language has the potential to exploit millions of routers and IoT devices, researchers have found.

Discovered by researchers at AT&T AlienLabs, BotenaGo can exploit more than 30 different vulnerabilities to attack a target, Ofer Caspi, a security researcher at Alien Labs, wrote in a blog post published Thursday.

The malware, which is written in Golang—a language Google first published in 2007–works by creating a backdoor to the device. It then waits to either receive a target to attack from a remote operator through port 19412 or from another related module running on the same machine, he wrote.

Golang, also known as Go, is aimed at simplifying how software is built by making it easy for developers to compile the same code for different systems. This feature may be the reason why it’s caught on with malware developers in the last few years, since it also makes it easier for attackers to spread malware on multiple operating systems, Caspi wrote.

Indeed, research from Intezer, which offers a platform for analyzing

Read More: https://threatpost.com/routers-iot-open-source-malware/176270/