Trojan.SH.MIRAI.BOI
Trojan.SH.MIRAI.BOI is a detection name used to describe an exploit that multiple cybercrime organizations use to infect devices and make them parts of a botnet based on the Mirai project. The Trojan.SH.MIRAI.BOI exploit concerns two new vulnerabilities found in BIG-IP services and systems and a myriad of outdated vulnerabilities that may still affect unpatched devices. The Trojan.SH.MIRAI.BOI botnet downloader has been used against BIG-IP systems, Netlink routers, Netgear routers, Apache Kylin instances and various other vulnerable services.
As we already mentioned, this exploit has so far been used to install botnet binaries on vulnerable devices. The criminals using the Trojan.SH.MIRAI.BOI downloader may be able to scan tens of thousands of accessible IP addresses per hour, therefore allowing them to discover hundreds of vulnerable devices. Once they identify an exploitable target, they may proceed to run a Mirai Botnet variant like the Scarface Botnet or SORA Botnet.
Botnets are one of the most widely spread cyber threats, but, surprisingly, it is fairly easy to prevent your Internet-enabled devices from being infected by a botnet binary. You need to make sure to apply all firmware updates and patches that fix security issues for starters. It is also advisable to strengthen your network security policies and to make sure that service management interfaces are not accessible on the Internet. Last but not least, you should use strong login credentials for all services exposed to the Internet, as brute-force attacks are another method that botnet operators rely on heavily.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.