Jenx Mirai

Malware updated 4 months ago (2024-05-04T19:01:25.899Z)

Download STIX

Preview STIX

JenX Mirai is a variant of malware, malicious software designed to exploit and damage computer systems. This particular variant was discovered in January 2018 and has been used primarily by the InfectedSlurs botnet, an unidentified group that uses offensive language in its command-and-control (C2) domains and hardcoded strings. The botnet leverages this older JenX Mirai code to infect devices, with some instances linked to the hailBot Mirai variant. Interestingly, the original JenX Mirai variant was found to be exploiting the Grand Theft Auto video game community for infections. The Akamai Security Intelligence Response Team (SIRT) identified the campaign as originating from a Mirai botnet activity cluster, indicating a well-coordinated attack strategy. The team's findings suggest that the primary malware being used is the older JenX Mirai variant. Notably, the C2 domains associated with this campaign displayed offensive language and racial epithets, leading to the codename "InfectedSlurs" for the botnet. In conclusion, the InfectedSlurs botnet represents a significant cybersecurity threat due to its use of the JenX Mirai malware variant. The offensive language used in its C2 domains and hardcoded strings makes it distinct. It is crucial for organizations to remain vigilant against such threats, ensuring robust security measures are in place to prevent potential attacks.

Description last updated: 2024-05-04T16:37:48.820Z

What's your take? (Question 1 of 4)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.

ID	Votes	Profile Description
Infectedslurs	2	InfectedSlurs is a newly discovered malware that operates as a Mirai-based botnet. This malicious software is designed to exploit and damage computer systems and devices, often infiltrating the system through suspicious downloads, emails, or websites without the user's knowledge. Once inside, it can

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Malware

Botnet

Akamai

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

ID	Type	Votes	Profile Description
Mirai	Unspecified	3	Mirai is a type of malware that specifically targets Internet of Things (IoT) devices such as smart speakers, cameras, and connected home equipment. It exploits weak Telnet (port 23) and SSH (port 22) credentials to gain control over these devices. Once infected, these devices are then incorporated

Source Document References

Information about the Jenx Mirai Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	9 months ago	พบ Botnet ตัวใหม่ในชื่อ 'InfectedSlurs' ใช้ Zero-Days 2 รายการในการโจมตี NVR และ Routers - Bangkok, Thailand \| i-secure Co, Ltd.
CERT-EU	9 months ago	Security Week In Review: November 24, 2023
InfoSecurity-magazine	9 months ago	InfectedSlurs Botnet Resurrects Mirai With Zero-Days
CERT-EU	10 months ago	Mirai malware infects routers and cameras for new botnet
CERT-EU	10 months ago	New botnet malware exploits two zero-days to infect NVRs and routers
Securityaffairs	10 months ago	New InfectedSlurs Mirai-based botnet exploits two zero-days
CERT-EU	9 months ago	Novel Mirai-based DDoS botnet exploits 0-days to infect routers and security cameras
CERT-EU	9 months ago	Mirai-based botnet targets routers and video recorders via zero-day flaws
CERT-EU	9 months ago	Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks