The well-established “Mozi” peer-to-peer (P2P) botnet has developed new persistence capabilities. These are designed to increase Mozi’s success rate, and to block attempts to interfere with its compromise of Internet of Things (IoT) devices by exploiting weak passwords and multiple flaws. Since its discovery in 2019, Mozi has been continually upgraded by its operators, demonstrating their intent to dominate a crowded IoT botnet market. Mozi’s exploitation of legacy vulnerabilities in IoT devices highlights the security failures of such products. As device manufacturers struggle to overcome (or bypass) security issues, their reputation dwindles. Even if IoT security improves, cybercriminals will likely adapt and innovate, steadily pursuing their goal of corporate network access by targeting connected devices.

Want these
Threat Intelligence reports sent straight to your inbox?
Subscribe below!
Most Recent Flipbooks
Main story: Attackers seize Microsoft zero-day for malware dissemination, espionage
Main story: Russian cyber attacks on Ukraine: Where’s the boom?
Main story: Karakurt Hacking Team moonlights as Conti side business
RaidForums takedown sends cybercriminals scrambling
Maverick extortionist group Lapsus$ goes after big tech
US executive order pushes for responsible cryptocurrency use
The Russia-Ukraine war has triggered a resurgence of hacktivism around the world
The US government has issued an alert about the Iran-linked "MuddyWater" advanced persistent threat group
Conti ransomware group aims to ascend with new tools, structure
US DoJ arrests shine light on ease and impact of cryptocurrency laundering