[SANS ISC] Mirai-alike Python Scanner

I published the following diary on isc.sans.edu: “Mirai-alike Python Scanner“:

Last week, I found an interesting Python script that behaves like a Mirai bot. It scans for vulnerable devices exposing their telnet (TCP/23) interface in the wild, then tries to connect using a dictionary of credentials. The script has been uploaded to VT and has a low score of 2/59. Indeed, it does not contain suspicious strings nor API calls. Just a simple but powerful scanner.

Here are the commands injected when a device is found with vulnerable credentials… [Read more]

The post [SANS ISC] Mirai-alike Python Scanner appeared first on /dev/random.

Article Link: https://blog.rootshell.be/2020/10/20/sans-isc-mirai-alike-python-scanner/