New Miori Variant Uses Unique Protocol to Communicate with C2
released on 2019-07-10 @ 06:51:16 PM
TrendMicro first detailed a new Mirai variant called Miori in a report late last year after finding the malware spreading via a ThinkPHP Remote Code Execution (RCE) vulnerability. It has recently reappeared bearing a notable difference in the way it communicates with its command-and-control (C2) server. This Miori variant departs from the usual binary-based protocol and uses a text-based protocol to communicate with its C2.