Mozi Botnet

Malware updated 4 months ago (2024-05-04T19:17:56.302Z)
The Mozi botnet, a form of malware, wreaked havoc on the internet from 2019 to 2023. During this period, it became the largest botnet in existence, incorporating over 1.5 million unique devices into its network. The botnet primarily exploited known vulnerabilities in NETGEAR DGN devices and JAWS web servers, enabling it to infiltrate systems often without the user's knowledge. Once inside, it could disrupt operations, steal personal information, or even hold data for ransom.

In August 2023, there was an unexpected and significant drop in the activity of the notorious Mozi botnet. This botnet had gained infamy for exploiting vulnerabilities in hundreds of thousands of IoT devices each year. However, its reign came to an abrupt halt when a kill switch was activated, deliberately shutting down the botnet's operation. This development was first reported on Security Boulevard, a leading source of cybersecurity news and analysis.

Following the sudden shutdown of the Mozi botnet, questions arose about who was behind the kill switch activation. Speculation pointed towards either Chinese authorities or criminal operators being responsible for the shutdown. Despite the uncertainty surrounding the identity of those involved, the deactivation of the Mozi botnet marked a significant milestone in the ongoing battle against malicious cyber activities.
Description last updated: 2024-05-04T18:44:50.900Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| ID | Votes | Profile Description |
|---|---|---|
| Mozi | 5 | Mozi is a type of malware, a malicious software designed to exploit and damage computer systems and devices. It typically infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, disrupt operations, or even |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Botnet
Exploit
Source Document References
Information about the Mozi Botnet Malware was read from the documents corpus below. This display is limited to 20 results.
| Source Link | CreatedAt | Title |
|---|---|---|
| Fortinet | 2 years ago | 2022 IoT Threat Review \| FortiGuard Labs |
| CERT-EU | a year ago | 50+ Botnet Statistics and Trends (2023) |
| CERT-EU | 10 months ago | This Week In Security: CVSS 4, OAuth, And ActiveMQ |
| CERT-EU | 10 months ago | Prolific Mozi Botnet Deliberately Shut Down with Kill Switch |
| DARKReading | 10 months ago | Somebody Just Killed the Mozi Botnet |
| CERT-EU | 10 months ago | Who killed Mozi? Finally putting the IoT zombie botnet in its grave |
| CERT-EU | 10 months ago | Mozi botnet murder mystery: Who is behind the kill switch? |
| InfoSecurity-magazine | 10 months ago | Mysterious Kill Switch Shuts Down Mozi IoT Botnet |
| CERT-EU | 10 months ago | Security researchers observed ‘deliberate’ takedown of notorious Mozi botnet |
| CERT-EU | 10 months ago | Mozi Botnet Likely Killed by Its Creators |
| CERT-EU | 8 months ago | 650,000+ Malicious Domains Registered Resembling ChatGPT \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting |
| DARKReading | a year ago | Botnets Send Exploits Within Days to Weeks After Published PoC |
| CERT-EU | 10 months ago | Mozi Botnet Likely Killed by Its Creators |
| Securityaffairs | 10 months ago | Who is behind the Mozi Botnet kill switch? |
| CERT-EU | 10 months ago | Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations |
| ESET | 7 months ago | ESET Research Podcast: ChatGPT, the MOVEit hack, and Pandora |
| CERT-EU | 10 months ago | Mozi Botnet Likely Killed by Its Creators |
| CERT-EU | 10 months ago | A new video series, Google Forms spam and the various gray areas of cyber attacks |
| ESET | 9 months ago | Delivering trust with DNS security |
| CERT-EU | 10 months ago | Critical Apache ActiveMQ bug exploited by ransomware crew |