BACKGROUND:
AT&T Alien Labs™ researchers have discovered new malware “targeting millions of routers and IoT devices with more than 30 exploits.” The malware, dubbed BotenaGo, contains 30+ exploits designed to infect millions of routers and IoT devices. BotenaGo is written in Golang (aka Go), an open-source language designed by Google in 2007. As of publication, BotenaGo has a low antivirus (AV) detection rate, with only 6/62 known AVs on VirusTotal flagging the malware as malicious.
Targeted devices include a wide variety of routers, modems, and NAS devices from multiple vendor lines, including DrayTek, D-Link, NetGear, GPON, Linksys, XiongMai, Comtrend, Guangzhou, TOTOLINK, Tenda, ZyXEL (NAS), and ZTE.