In November, FortiGuard Labs observed a unique botnet written in the Go language being distributed through IoT vulnerabilities. This botnet, known as Zerobot, contains several modules, including self-replication, attacks for different protocols, and self-propagation. It also communicates with its command-and-control server using the WebSocket protocol.
MALWARE FAMILY: Zerobot
ATT&CK IDS: T1055 - Process Injection, T1205 - Traffic Signaling, T1406 - Obfuscated Files or Information, T1102 - Web Service, T1543 - Create or Modify System Process, T1053 - Scheduled Task/Job
Read More:
Comments