Miori

Malware Profile Updated 24 days ago
Download STIX
Preview STIX
Miori is a variant of the notorious Mirai malware, which shares similar modules with it. Like other types of malware, Miori is designed to exploit and damage computer systems, often infiltrating them through suspicious downloads, emails, or websites. Once it has infected a system, it can steal personal information, disrupt operations, or even hold data hostage for ransom. In recent times, researchers at Fortinet have observed multiple attacks over the past month that exploit a particular vulnerability (CVE-2023-1389), including botnets such as Moobot, Miori, AGoent, a Gafgyt variant, and an unnamed variant of the infamous Mirai botnet. These attacks indicate a widespread and coordinated effort by malicious actors to compromise systems on a large scale. The commonality among these attacks is their focus on exploiting this specific vulnerability, highlighting the need for robust cybersecurity measures to counteract such threats. Upon execution, Miori exhibits unique behaviors that distinguish it from other malware. It displays a message stating "your device just got infected to a bootnoot" in the console and sends \x00\x00 to its command-and-control (C2) server "rooty[.]cc" on TCP port 33335. This behavior, along with its shared attack methodologies with other Mirai derivations, makes Miori a persistent and significant threat in the cybersecurity landscape.
What's your take? (Question 1 of 0)
877bb318-fa2f-4d42-8ab7-00a6b0615652 Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Mirai
3
Mirai is a notorious malware that targets Internet of Things (IoT) devices to form a botnet, which can then be used to launch distributed denial-of-service (DDoS) attacks. In early 2022, Mirai botnets accounted for over 7 million detections, highlighting the widespread nature of this threat. However
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Miori Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
Fortinet
a month ago
Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread | FortiGuard Labs
BankInfoSecurity
a month ago
Exploited TP-Link Vulnerability Spawns Botnet Threats