New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices
Dec 04, 2023
Malware / Botnet
Cybersecurity researchers have discovered a new variant of an emerging botnet called P2PInfect that's capable of targeting routers and IoT devices. The latest version, per Cado Security Labs, is compiled for Microprocessor without Interlocked Pipelined Stages ( MIPS ) architecture, broadening its capabilities and reach. "It's highly likely that by targeting MIPS, the P2PInfect developers intend to infect routers and IoT devices with the malware," security researcher Matt Muir said in a report shared with The Hacker News. P2PInfect, a Rust-based malware, was first disclosed back in July 2023, targeting unpatched Redis instances by exploiting a critical Lua sandbox escape vulnerability ( CVE-2022-0543 , CVSS score: 10.0) for initial access. A subsequent analysis from the cloud security firm in September revealed a surge in P2PInfect activity, coinciding with the release of iterative variants of the malware. The new artifacts, besides attempting to condu