Trend says hackers have weaponized SpringShell to install Mirai malware

Spread the love
Trend says hackers have weaponized SpringShell to install Mirai malware

Enlarge (credit: Getty Images)

Researchers on Friday said that hackers are exploiting the recently discovered SpringShell vulnerability to successfully infect vulnerable IoT devices with Mirai, an open source piece of malware that wrangles routers and other network-connected devices into sprawling botnets.

When SpringShell (also known as Spring4Shell) came to light last Sunday, some reports compared it to Log4Shell, the critical zero-day vulnerability in the popular logging utility Log4J that affected a sizable portion of apps on the Internet. That comparison proved to be exaggerated because the configurations required for SpringShell to work were by no means common. To date, there are no real-world apps known to be vulnerable.

Researchers at Trend Micro now say that hackers have developed a weaponized exploit that successfully installs Mirai. A blog post they published didn’t identify the type of device or the CPU used in the infected devices. The post did, however, say a malware file server they found stored multiple variants of the malware for different CPU architectures.

Read 5 remaining paragraphs | Comments

2 thoughts on “Trend says hackers have weaponized SpringShell to install Mirai malware

  1. hello there and thank you for your information – I’ve
    certainly picked up something new from right here.

    I did however expertise some technical issues using this website, as I experienced to reload the website lots of times previous to
    I could get it to load correctly. I had been wondering if your hosting is
    OK? Not that I’m complaining, but sluggish loading instances times will
    sometimes affect your placement in google and could damage your quality score if ads and marketing with Adwords.

    Well I’m adding this RSS to my email and could look out for much more
    of your respective interesting content. Make sure you update
    this again very soon.

Leave a Reply

Your email address will not be published. Required fields are marked *