Routers and Internet of Things (IoT) devices are essential when it comes to modern business. But this has made them a target for the BotenaGo malware.
Wireless technology is in place in almost every business in the world. The presence of routers allows PCs to connect to the internet and enhance their capabilities. IoT devices, meanwhile, bring wireless functionality to business such as wireless access to printers and data storage. Both routers and IoT devices, therefore, present an enticing opportunity to hackers. Compromising just one of these devices grants backdoor access to IT infrastructures. And this is where they can really cause your organization some damage.
BotenaGo is an innovative new strain of malware which has routers and IoT devices in their targets, so it’s crucial that you learn a little more about it.
What is BotenaGo?
The BotenaGo malware is difficult detect, but it appears that it’s hiding in plain sight. BotenaGo is written in Google’s popular Golang programming language, a process which has become steadily popular with hackers. Golang allows programmers to use the same code across different systems, so this saves significant time when coding. Malware, such as BotenaGo, coded in Golang can, therefore, spread across multiple operating systems with the same code.
BotenaGo is programmed to identify 30 different vulnerabilities and this is why so many routers and IoT devices are at risk. The malware starts by scanning the internet for vulnerable devices and then activates the available exploits. BotenaGo’s next step is to create backdoor on the infected devices, this is typically opened on ports 31421 and 19412. This allows the hackers to take control of the device. Further malware and DDoS attacks can then be launched using the victim’s internet connection.
How to Stay Safe
Malware which uses malicious links and attachments is easy to combat as it requires users to action the payload. The techniques used by BotenaGo, however, rely on system vulnerabilities that the average PC user will be unable to identify. Furthermore, current anti-virus software seems unable to detect BotenaGo. But there are ways you can protect yourself:
- Install all Patches: Most exploits arise due to coding errors which have failed to fully protect the software. Hackers regularly comb software to discover these exploits and then use them to gain unauthorized access. And, therefore, software manufacturers release regular security patches, these plug any holes in the software and make it more secure. But the end user needs to make sure they are installed. This can be difficult to maintain manually, but Windows allows you to set all updates to automatic to make it easier.
- Monitor Your Internet Traffic: BotenaGo is difficult to detect, but it does leave telltale signs as to its presence. A sudden increase in internet traffic, particularly through ports 31421 and 19412, should be a cause for concern. Accordingly, it’s important that your organization arms itself with traffic monitoring software to identify unusual behavior. Any increase in traffic should be investigated immediately and, where possible, access shut off immediately.
For more ways to secure and optimize your business technology, contact your local IT professionals.
