The well-established “Mozi” peer-to-peer (P2P) botnet has developed new persistence capabilities. These are designed to increase Mozi’s success rate, and to block attempts to interfere with its compromise of Internet of Things (IoT) devices by exploiting weak passwords and multiple flaws. Since its discovery in 2019, Mozi has been continually upgraded by its operators, demonstrating their intent to dominate a crowded IoT botnet market. Mozi’s exploitation of legacy vulnerabilities in IoT devices highlights the security failures of such products. As device manufacturers struggle to overcome (or bypass) security issues, their reputation dwindles. Even if IoT security improves, cybercriminals will likely adapt and innovate, steadily pursuing their goal of corporate network access by targeting connected devices.
Digital Shadows
Threat Intelligence and Digital Risk Protection Resources
