IoT botnet upgraded to target unpatched Apache servers

Web-exposed Internet of Things (IoT) devices are often vulnerable to exploitation by malicious actors. Cybercriminals target unpatched IoT devices exposed to the Internet due to their continuous growth.

Zerobot is a Go-based botnet primarily affecting various IoT devices, including firewall devices, routers, and cameras. Zerobt operators continuously expand the malware with the latest capabilities, enabling it to add compromised systems to a distributed denial of service (DDoS) botnet.

Zerobot was recently upgraded to version 1.1, featuring novel capabilities, including new attack methods and exploits for support architectures, thus expanding its reach to different types of devices, including the ability to target vulnerabilities on unpatched Apache servers.

Microsoft’s s Security Threat Intelligence team disclosed the new attack capabilities, including a set of recommendations to defend devices and networks against Zerobot, in a recent bulletin.