This devious botnet tried a trial run during the recent AWS outage - so when will it be back?

2025-11-27 14:27

Another child of Mirai was spotted in the wild - but this one flashed only briefly.

By Sead Fadilpašić, published 27 November 2025

  • ShadowV2, a Mirai-based cloud-native botnet, appeared briefly during an AWS outage
  • It targeted IoT devices via multiple vendor vulnerabilities, likely as a test run
  • Found across 20+ countries, ShadowV2 may return, echoing Mirai’s disruptive DDoS legacy

Another botnet built on the foundations of the infamous Mirai was recently spotted in the wild, but only briefly, suggesting it might be preparing for a major attack.

Security researchers from FortiGuard Labs claim to have seen a new botnet named ShadowV2, which was active only during the recent AWS outage, meaning it was ‘alive’ for no more than 15 hours.

During that time, it targeted multiple vulnerabilities from multiple manufacturers (DD-WRT, D-Link, DigiEver, TBK, and TP-Link) and created a network of assimilated routers, Wi-Fi access points, NAS boxes, DVRs, network video recorders, and similar Internet of Things (IoT) hardware.

Evolution of Mirai

The botnet could have been used the same way Mirai was used - to launch Distributed Denial of Service (DDoS) attacks, scan the internet for vulnerable devices, brute-force their credentials, infect them, and use them for further propagation.

FortiGuard Labs believes its emergence only served as a “test run”, and that the botnet will likely return in the future.

ShadowV2 is a cloud-native botnet that previously only targeted AWS EC2 instances. However, it has since evolved to target multiple industries, including technology, retail, hospitality, government, telecommunications, and more. It was found in more than two dozen countries around the world, including Canada, the US, UK, China, Russia, Saudi Arabia, and many others.

So far, there is no word on how many devices are infected with ShadowV2, or if the botnet is growing right now. We do know that it’s built primarily for IoT devices.

Shortly after ShadowV2’s test run, Azure was hit with the “largest-ever” cloud-based DDoS attack, carried out by the Aisuru botnet, which is also considered a “descendent” of Mirai and is sometimes described as “Turbo Mirai”.

Mirai is often referred to as a “groundbreaking IoT malware” that became infamous for creating some of the largest and most disruptive botnets ever, knocking major websites and internet infrastructure offline worldwide.

Via The Register
