Nexus Zeta is no stranger when it comes to implementing SOAP related exploits. The threat actor has already been observed in implementing two other known SOAP related exploits, CVE-2014–8361 and CVE-2017–17215 in his Satori botnet project. A third SOAP exploit, TR-069 bug has also been observed previously in IoT botnets. This makes EDB 38722 the fourth SOAP related exploit which is discovered in the wild by IoT botnets.
|2018-01-23 ⋅ Threatpost ⋅ |
Satori Author Linked to New Mirai Variant Masuta
|2018-01-23 ⋅ NewSky Security ⋅ |
Masuta: Satori Creators' Second Botnet Weaponizes A New Router Exploit
Masuta Nexus Zeta
|2018 ⋅ Qihoo 360 Technology ⋅ |
Tracking Mirai variants (Appendix: Hashes)