Mozi Botnet

Malware Profile Updated 24 days ago
Download STIX
Preview STIX
The Mozi botnet, a form of malware, wreaked havoc on the internet from 2019 to 2023. During this period, it became the largest botnet in existence, incorporating over 1.5 million unique devices into its network. The botnet primarily exploited known vulnerabilities in NETGEAR DGN devices and JAWS web servers, enabling it to infiltrate systems often without the user's knowledge. Once inside, it could disrupt operations, steal personal information, or even hold data for ransom. In August 2023, there was an unexpected and significant drop in the activity of the notorious Mozi botnet. This botnet had gained infamy for exploiting vulnerabilities in hundreds of thousands of IoT devices each year. However, its reign came to an abrupt halt when a kill switch was activated, deliberately shutting down the botnet's operation. This development was first reported on Security Boulevard, a leading source of cybersecurity news and analysis. Following the sudden shutdown of the Mozi botnet, questions arose about who was behind the kill switch activation. Speculation pointed towards either Chinese authorities or criminal operators being responsible for the shutdown. Despite the uncertainty surrounding the identity of those involved, the deactivation of the Mozi botnet marked a significant milestone in the ongoing battle against malicious cyber activities.
What's your take? (Question 1 of 2)
29911cc0-a3a3-4fc0-af28-1dd17688d9cd Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Mozi
5
Mozi is a type of malware, a malicious software designed to exploit and damage computer systems or devices. It can infiltrate systems via suspicious downloads, emails, or websites, often unbeknownst to the user. Once it gains access, Mozi has the potential to steal personal information, disrupt oper
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Botnet
Exploit
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Mozi Botnet Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
7 months ago
Security researchers observed ‘deliberate’ takedown of notorious Mozi botnet
DARKReading
a year ago
Botnets Send Exploits Within Days to Weeks After Published PoC
InfoSecurity-magazine
7 months ago
Mysterious Kill Switch Shuts Down Mozi IoT Botnet
CERT-EU
7 months ago
Mozi botnet murder mystery: Who is behind the kill switch?
CERT-EU
7 months ago
Who killed Mozi? Finally putting the IoT zombie botnet in its grave
CERT-EU
7 months ago
Mozi Botnet Likely Killed by Its Creators
CERT-EU
a year ago
50+ Botnet Statistics and Trends (2023)
CERT-EU
7 months ago
Prolific Mozi Botnet Deliberately Shut Down with Kill Switch
Fortinet
a year ago
2022 IoT Threat Review | FortiGuard Labs
ESET
4 months ago
ESET Research Podcast: ChatGPT, the MOVEit hack, and Pandora
DARKReading
7 months ago
Somebody Just Killed the Mozi Botnet
CERT-EU
7 months ago
Critical Apache ActiveMQ bug exploited by ransomware crew
CERT-EU
7 months ago
A new video series, Google Forms spam and the various gray areas of cyber attacks
CERT-EU
7 months ago
Mozi Botnet Likely Killed by Its Creators
CERT-EU
5 months ago
650,000+ Malicious Domains Registered Resembling ChatGPT | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU
7 months ago
Prolific Mozi Botnet Deliberately Shut Down with Kill Switch
CERT-EU
7 months ago
Mozi Botnet Likely Killed by Its Creators
Securityaffairs
7 months ago
Who is behind the Mozi Botnet kill switch?
CERT-EU
7 months ago
Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations
CERT-EU
7 months ago
This Week In Security: CVSS 4, OAuth, And ActiveMQ