These botnets are frequently spread through documented D-Link vulnerabilities that allow remote attackers to execute malicious commands via a GetDeviceSettings action on the HNAP interface.
According to the cybersecurity company's telemetry data, attacks involving FICORA have targeted various countries globally, whereas those related to CAPSAICIN primarily singled out East Asian territories like Japan and Taiwan.
The Mirai derivative also packs in features to conduct distributed denial-of-service (DDoS) attacks using UDP, TCP, and DNS protocols.
The malware kills known botnet processes to ensure it is the only botnet executing on the victim host.
Collection
[
|
...
]