New Mirai Variant ShadowV2 Targets IoT Devices During AWS Outage

A new Mirai-based botnet, ShadowV2, briefly targeted vulnerable IoT devices during an AWS outage in October. The botnet exploited vulnerabilities in products from DDWRT, D-Link, DigiEver, TBK, and TP-Link, affecting multiple industries. ShadowV2's activity suggests a test run for future attacks, highlighting the ongoing security risks associated with IoT devices. The malware resembles the Mirai LZRD variant and supports various DDoS attack methods. Fortinet emphasizes the importance of maintaining firmware updates and robust security practices to mitigate such threats.

Latest mentioned: 11-28

Earliest mentioned: 11-26

Sources

fortinet.com fortinet.com bleepingcomputer.com theregister.com theregister.com securityaffairs.com

Also Read

RomCom Malware Targets Engineering Firm via SocGholish

The RomCom malware group targeted a civil engineering company using the SocGholish JavaScript loader to deliver the Mythic Agent. This marks the first observed instance of RomCom using SocGholish for distribution. The attack, attributed to a military unit, aimed at entities with ties to a specific region. The infection chain involved fake browser updates and a custom Python backdoor, highlighting the blend of cybercrime and espionage tactics.

11-26Read more →