MooBot leveraging vulnerabilities in D-LINK devices


MooBot is leveraging vulnerabilities in D-Link devices that run Linux.

Security researchers discovered a new Mirai variant, which targets exposed networking devices running Linux.

Any compromised devices will be fully controlled by the attackers, who could utilize those devices to conduct further attacks such as distributed denial-of-service (DDoS) attacks.

D-Link has published security bulletins regarding all the vulnerabilities mentioned here, but it is likely there are still users running unpatched or older versions or devices.

Vulnerabilities used:

ID   Vulnerability   Description   Severity
1   CVE-2015-2051   D-Link HNAP SOAPAction Header Command Execution Vulnerability   CVSS Version 2.0: 10.0 High
2   CVE-2018-6530   D-Link SOAP Interface Remote Code Execution Vulnerability   CVSS Version 3.0: 9.8 Critical
3   CVE-2022-26258   D-Link Remote Command Execution Vulnerability   CVSS Version 3.0: 9.8 Critical
4   CVE-2022-28958   D-Link Remote Command Execution Vulnerability   CVSS Version 3.0: 9.8 Critical

Malware analysis:

File Name   Description
rt   A script downloader. It downloads MooBot onto the compromised system and renames the binary files to Realtek.
wget[.]sh   A script downloader. It downloads MooBot onto the compromised system and renames the binary files to Android.
arc   MooBot executable file.
arm   MooBot executable file.
arm5   MooBot executable file.
arm6   MooBot executable file.
arm7   MooBot executable file.
i586   MooBot executable file.
i686   MooBot executable file.
mips   MooBot executable file.
mipsel   MooBot executable file.
sh4   MooBot executable file.
x86_64   MooBot executable file.

"After decoding its C2 server vpn.komaru[.]today from configuration, MooBot will send out a message to inform the C2 server that a new MooBot is online."
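The file names and the C2 domain listed above can be used to sweep gateway logs for devices that may already be infected. The Python below is an added example, not code from the original article or from Unit 42; the log format, the client addresses and the helper names (`refang`, `is_c2`, `classify`, `sweep`) are assumptions made for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

def refang(indicator):
    """Undo '[.]' defanging; normalise case and a trailing FQDN dot."""
    return indicator.replace("[.]", ".").lower().rstrip(".")

# Indicators copied from the article, kept defanged as published.
C2 = refang("vpn.komaru[.]today")
DOWNLOADERS = {refang(n) for n in ("rt", "wget[.]sh")}
PAYLOADS = set("arc arm arm5 arm6 arm7 i586 i686 mips mipsel sh4 x86_64".split())
# Assumed log format (constructed): "<time> <client> DNS <name>" or "<time> <client> GET <url>"
LINE = re.compile(r"^\S+ (\S+) (DNS|GET) (\S+)$")

def is_c2(hostname):
    """Exact host or subdomain match; a substring test would over-match."""
    host = refang(hostname or "")
    return host == C2 or host.endswith("." + C2)

def classify(kind, value):  # findings for one parsed log entry
    if kind == "DNS":
        return {"c2-dns"} if is_c2(value) else set()
    url = urlsplit(value)
    name = url.path.rsplit("/", 1)[-1].lower()
    found = {"c2-http"} if is_c2(url.hostname) else set()
    if name in DOWNLOADERS:
        found.add("downloader")
    elif name in PAYLOADS:
        found.add("payload")
    return found

def sweep(lines):
    """Return {client: sorted findings} for clients worth investigating."""
    seen = defaultdict(set)
    for m in filter(None, (LINE.match(ln.strip()) for ln in lines)):
        seen[m.group(1)] |= classify(m.group(2), m.group(3))
    # Names like "rt" or "arm" are common on their own: report a client only
    # for C2 contact, or for a downloader fetch together with a payload fetch.
    return {c: sorted(f) for c, f in seen.items()
            if f & {"c2-dns", "c2-http"} or {"downloader", "payload"} <= f}

SAMPLE = [  # constructed log lines; addresses are private/documentation ranges
    "t1 192.168.0.1 GET http://203.0.113.5/wget.sh",
    "t2 192.168.0.1 GET http://203.0.113.5/mips",
    "t3 192.168.0.1 DNS " + C2.upper() + ".",
    "t4 192.168.0.20 GET http://198.51.100.7/docs/arm",
    "t5 192.168.0.30 DNS not" + C2 + ".example.com",
]
```

Calling `sweep(SAMPLE)` reports only 192.168.0.1: the lone `arm` download and the look-alike domain are not flagged.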

D-LINK users are urged to apply patches and upgrades as soon as possible.

Look at the D-LINK Security Bulletin: has it been updated recently?

Read more at the Unit 42 blog.

 
