THEMOON BOTNET IS ATTACKING A ZERO-DAY VULNERABILITY IN GPON WIFI ROUTERS

Posted by Ashley Victoria Cannon on May 24, 2018
Ashley Victoria Cannon

 

In this week's Technology Todaywe discuss TheMoon botnet, that sneaks its way through a zero-day vulnerability loophole in GPON WiFi routers - beware! 

 

DEATS 

This is not the first warning against DASAN GPON WiFi routers; however, some people still have them synced to the internet! If so, remove ASAP! Why? Well, security researchers from Qihoo 360 Netlab verified that TheMoon is mining data via an undisclosed zero-day vulnerability and ultimately allowing the attacker to take full control of the device, remotely.  Netlab determined this after conducting two tests via versions of GPON home routers. We are still awaiting NEW info on how to avoid attacks via the zero-day vulnerability, as it has yet to be released. 

 

HOW DID IT COME TO BE? 

TheMoon botnet first arose in 2014 - since that time, it's roster has grown an additional 6 exploits of IoT devices. Some being the spread of malware to ASUS and Linksys routers back in 2015. 

 

IS THEMOON THE ONLY THREAT?

Unfortunately, TheMoon botnet is not the only threat, targeting GPON routers. The below botnets are also attackers that you need to be on the lookout for. 

Mettle 

  • Attackers have been using an open-sourced Mettle attack module to imbed malware on vulnerable routers. 

Muhstik 

  • Discovered last week, as it was hacking a critical Drupal flaw - the latest update has been programmed to hack GPON vulnerabilities; in addition to DD-WRT and JBOSS. 

Mirai (NEW Variants) 

  • GPON exploit has also been mixed into new strains of the Mirai botnet - this botnet first emerged in 2016, when it was used to launch record-breaking DDoS attacks. 

Hajime 

  • Has been found exploiting GPON via its code, to target home routers.

Satori 

  • Added GPON to it's latest variant. 

THOUGHTS

Did you find this blog informative? Will you or your company and its employees safeguard themselves against these threats? Do you have a subject you would like for us to cover next? Sound off below and be sure to subscribe to our emails! 

Until next time, Techies! 

 

 MORE FROM TECHNOLOGY TODAY

MORE FROM CIRCULENT

Tags: Insider, Fixes, Computer Fixes, PC Issues, Software, Security & Virus Protection, Internet, ransomware, tech, FBI, IT Support, Bitcoins, IT, habits, anti-virus, malware, technology, hackers, code, tehcnology, computer, Intel, device, blockchain, data, data loss, infrastructure, cyber criminals, attackers, server, cyber crime, cryptocurrency, Digital, transform, breach, databreach, security, hack, debitcard, creditcard, crime, APT, GPU, Microsoft, CPU, TPT, TDT, AMS, bitcoin, cryptocurrencies, Mettle, Muhstik, TheMoon, Mirai, Hajime, Satori, Botnet, GPON, Routers

TECHNOLOGY TODAY 

Technology Today is Circulent's weekly tech blog 

We sift through the good, the bad and the techy tid-bits of all things tech! 

Be sure to tune-in weekly for 

  • The latest trends 
  • Product launches
  • Acquisitions 
  • How-to's/To-do's 
  • And much, much more...

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all