Echobot (Malware Family)

Echobot

The latest in this long line of Mirai scourges is a new variant named Echobot. Coming to life in mid-May, the malware was first described by Palo Alto Networks in a report published at the start of June, and then again in a report by security researchers from Akamai, in mid-June.

When it was first spotted by Palo Alto Networks researchers in early June, Echobot was using exploits for 18 vulnerabilities. In the Akamai report, a week later, Echobot was at 26.

https://www.zdnet.com/article/new-echobot-malware-is-a-smorgasbord-of-vulnerabilities

References

2019-12-18 ⋅ F5 Labs ⋅ Eli Kreminchuker, Maxim Zavodchik, Raymond Pompon
Echobot Malware Now up to 71 Exploits, Targeting SCADA
Echobot

2019-12-13 ⋅ Palo Alto Networks Unit 42 ⋅ Ruchna Nigam
Mirai Variant ECHOBOT Resurfaces with 13 Previously Unexploited Vulnerabilities
Echobot Mirai

2019-08-06 ⋅ Bleeping Computer ⋅ Ionut Ilascu
New Echobot Botnet Variant Uses Over 50 Exploits to Propagate
Echobot

2019-06-13 ⋅ Akamai ⋅ Larry Cashdollar
Latest ECHOBOT: 26 Infection Vectors
Echobot

2019-06-06 ⋅ Palo Alto Networks Unit 42 ⋅ Ruchna Nigam
New Mirai Variant Adds 8 New Exploits, Targets Additional IoT Devices
Echobot Mirai

There is no Yara-Signature yet.

Echobot Propose Change

References

Echobot