Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902
released on 2020-08-03 @ 03:25:45 PM
Following the initial disclosure of two F5 BIG-IP vulnerabilities on the first week of July, Trend Micro continued monitoring and analyzing the vulnerabilities and other related activities to further understand their severities. Based on the workaround published for CVE-2020-5902, we found an internet of things (IoT) Mirai botnet downloader (detected by Trend Micro as Trojan.SH.MIRAI.BOI) that can be added to new malware variants to scan for exposed Big-IP boxes for intrusion and deliver the malicious payload.