rapperbot (2)

10779952674?profile=RESIZE_400xFortiGuard Labs researchers have been tracking a quickly evolving IoT malware family known as “RapperBot” since mid-June 2022.  This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented in Mirai.  In addition, recent samples show that its developers have started adding code to maintain persistence, which is rarely done

10764228452?profile=RESIZE_400xActivity Summary - Week Ending on 12 August 2022:

  • Red Sky Alliance identified 23,968 connections from new IP’s checking in with our Sinkholes
  • ril.com Hit
  • Analysts identified 765 new IP addresses participating in various Botnets
  • Zeppelin Ransomware
  • Exim
  • SmokeLoader
  • RapperBot
  • AiTM Phishing
  • BlenderBot
  • PortDoor & CotSam

Link to full report: IR-22-224-001_weekly224.pdf