HackRead

Code for Satori malware posted on Pastebin

January 3rd, 2018 | Waqas | Cyber Crime, Malware, Security

The code behind the Satori malware, a variant of the infamous Mirai DDoS malware, has been published online. According to NewSky Security’s principal researcher, Ankit Anubhav, the code was posted on Pastebin over Christmas.

Satori

Initially, the code pushed Satori, which means “awakening” in Japanese, and the Brickerbot malware to hijack thousands of Internet of Things (IoT) devices on November 27, 2017, including Huawei routers and more than 280,000 different IP addresses.

Brickerbot was discovered in April last year conducting PDoS (Permanent Denial of Service) attacks and literally destroying IoT devices around the world. Now that the malware code behind the Satori botnet has been leaked online, it can allow hackers to cause havoc by conducting large-scale distributed denial-of-service (DDoS) attacks.

“The proof of concept code was not made public to prevent attackers from abusing it. However, with the release of the full code now by the threat actor, we expect its usage in more cases by script kiddies and copy-paste botnet masters,” said Anubhav in a blog post.

A snippet of leaked working exploit code shared by NewSky Security.

In order to avoid misuse, NewSky Security has decided not to share the link to the leaked code.

Attacking Huawei devices

Satori was originally identified by Israeli endpoint security provider Check Point during a zero-day attack exploiting a vulnerability (CVE-2017-17215) in Huawei HG532 devices. The company reported the issue to Huawei, which confirmed the presence of this vulnerability and stated in its security advisory that: “An authenticated attacker could send malicious packets to port 37215 to launch attacks. A successful exploit could lead to the remote execution of arbitrary code.”

Who is behind Satori?

Although the nationality of the culprit behind Satori is unclear, Check Point researchers believe the botnet is highly sophisticated and found connections between Satori and a HackForums member, Nexus Zeta, whose last post on the forum was about Mirai malware.

Researchers also found the malware’s command & control domain (nexusiotsolutions[.]net), which was registered with the email address nexuszeta1337@gmail[.]com. Moreover, they found Nexus Zeta’s Twitter and GitHub accounts, on which the member was once again talking about Mirai malware.

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.