Miori

Malware updated 4 months ago (2024-05-05T10:17:43.969Z)
Download STIX
Preview STIX
Miori is a variant of the notorious Mirai malware, which shares similar modules with it. Like other types of malware, Miori is designed to exploit and damage computer systems, often infiltrating them through suspicious downloads, emails, or websites. Once it has infected a system, it can steal personal information, disrupt operations, or even hold data hostage for ransom. In recent times, researchers at Fortinet have observed multiple attacks over the past month that exploit a particular vulnerability (CVE-2023-1389), including botnets such as Moobot, Miori, AGoent, a Gafgyt variant, and an unnamed variant of the infamous Mirai botnet. These attacks indicate a widespread and coordinated effort by malicious actors to compromise systems on a large scale. The commonality among these attacks is their focus on exploiting this specific vulnerability, highlighting the need for robust cybersecurity measures to counteract such threats. Upon execution, Miori exhibits unique behaviors that distinguish it from other malware. It displays a message stating "your device just got infected to a bootnoot" in the console and sends \x00\x00 to its command-and-control (C2) server "rooty[.]cc" on TCP port 33335. This behavior, along with its shared attack methodologies with other Mirai derivations, makes Miori a persistent and significant threat in the cybersecurity landscape.
Description last updated: 2024-05-05T10:15:13.841Z
What's your take? (Question 1 of 0)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
IDTypeVotesProfile Description
Miraiis related to
3
Mirai is a type of malware that has been notably used to create botnets, networks of infected devices controlled by an attacker. In early 2022, Mirai botnets accounted for over 7 million detections, although there was a subsequent 9% quarter-on-quarter drop in detections in Hong Kong. The malware is
Source Document References
Information about the Miori Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Fortinet
5 months ago
Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread | FortiGuard Labs
BankInfoSecurity
5 months ago
Exploited TP-Link Vulnerability Spawns Botnet Threats