ELF/Mirai.AE!tr

description-logoAnalysis

ELF/Mirai.AE!tr is classified as a trojan.
A trojan is a type of malware that performs activites without the user’s knowledge. These activities commonly include establishing remote access connections, capturing keyboard input, collecting system information, downloading/uploading files, dropping other malware into the infected system, performing denial-of-service (DoS) attacks, and running/terminating processes.
The Fortinet Antivirus Analyst Team is constantly updating our descriptions. Please check the FortiGuard Encyclopedia regularly for updates.

description-logoOutbreak Alert

Multiple critical vulnerabilities affecting various Zyxel devices have been seen exploited in the wild. The attackers are observed deploying Mirai like botnet inducing denial of service conditions. One of the vulnerability, CVE-2023-28771 which allows unauthenticated attackers to execute OS commands remotely has a publicly available proof of concept (PoC).

View the full Outbreak Alert Report

recommended-action-logoRecommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiGate
FortiClient
FortiAPS
FortiAPU
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2023-03-20 91.01603
2022-09-20 90.06160
2022-09-14 90.05981
2022-07-29 90.04595
2022-04-26 90.01752
2022-02-01 89.09233
2022-01-18 89.08813
2021-11-02 89.06505
2021-10-19 89.06090
2021-10-17 89.06030