The malware had already put millions of routers and IoT devices at risk, and now any noob can have at it.
The BotenaGo botnet source code has been leaked to GitHub.
In a Wednesday report, AT&T Alien Labs – which first discovered the difficult-to-detect malware in November 2021 – said it expects that the ready availability of the source code to malware authors puts millions of routers and internet-of-things (IoT) devices at risk.
Uploading of the source code to GitHub “can potentially lead to a significant rise of new malware variants as malware authors will be able to use the source code and adapt it to their objectives,” Alien Labs security researcher Ofer Caspi wrote. “Alien Labs expects to see new campaigns based on BotenaGo variants targeting routers and IoT devices globally.”
Caspi said that as of yesterday, AV vendor detection of BotenaGo and its variants was still bumping along near the bottom, with the BotenaGo samples discovered back in November still slipping past most AV software to infect systems with one of the most popular botnets: Mirai. The screen capture from VirusTotal below shows how