Zerobot Attack

Released: Dec 27, 2022


High Severity

IoT Platform

Attack Type


Go-based malware exploiting multiple vulnerabilities

Zerobot is a Go-based botnet that spreads primarily through IoT and web application vulnerabilities. According to Fortinet research analysis, the most recent distribution of Zerobot includes additional capabilities, such as new DDoS attack capabilities and exploitation of Apache vulnerabilities.

Background

In November 2022, FortiGuard Labs observed a unique botnet written in the Go language, known as Zerobot, which contains several modules, including self-replication, attacks for different protocols, and self-propagation. For more information on Zerobot malware, see the link to the Fortinet blog below. Please note that Zerobot malware is not related to ZeroBot Chatbot or ZeroBot AI.

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.


December 06, 2022: Fortinet posted a security research blog about Zerobot at https://www.fortinet.com/blog/threat-research/zerobot-new-go-based-botnet-campaign-targets-multiple-vulnerabilities


December 12, 2022: Microsoft uncovered new Zerobot 1.1 capabilities and posted a blog at https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT
  • AV

  • Vulnerability

  • AV (Pre-filter)

  • Behavior Detection

  • IPS

  • Web App Security

  • Application Firewall

  • Web Filter

  • Botnet C&C

DETECT
  • IOC

  • Outbreak Detection

  • Threat Hunting

  • Content Update

RESPOND
  • Automated Response

  • Assisted Response Services

RECOVER
  • InfoSec Services

IDENTIFY
  • Attack Surface Monitoring (Inside & Outside)

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.



Indicators of compromise: IOC Threat Activity, last 30 days (Avg 0)