New Variant of Mirai Malware Using 13 Different Exploits to Hack Routers Including D-Link, Linksys, GPON, Netgear, Huawei

New Variant of Mirai Malware Using 13 Different Exploits to Hack Routers Including D-Link, Linksys, GPON, Netgear, Huawei

Researchers discovered a new wave of Mirai Variant that used 13 different exploits to attack various router models and other network devices.


These exploits are associated with this new Mirai variant capable of launching backdoor and distributed denial-of-service (DDoS) attacks.

Mirai malware has strong records of infecting poorly managing IoT devices and performing DDOS attacks on various platforms.


Mirai targets several different routers including D-Link, Linksys, GPON, Netgear, Huawei and other network devices such as ThinkPHP, multiple CCTV-DVR vendors, UPnP, MVPower digital video recorders, and Vacron network video recorder.


This is the first time to have used all 13 exploits together in a single campaign including some of the exploits that used in the previous attack.

Initially, the new variant of Mirai found in the honeypot system that deployed by Trend Micro and it looking for the IoT devices to exploit several vulnerabilities that include remote code execution (RCE), authentication bypass and command injection.


According to Trend Micro ” It showed that this malware used different means of spreading, and also revealed its use of three XOR keys to encrypt data. Decrypting the malware’s strings using XOR revealed one of the firs ..