Device Takeover With Mozi Botnet
Botnets like Mozi try to infect machines with malware and get devices under their control so that they can be used for malicious activities, said Paul Nicholson, A10 Networks’ senior director of product marketing. The botnet exploits documented vulnerabilities in unpatched systems such as Netgear and D-Link to take over those devices and use them to launch attacks against other devices, Nicholson said.
Botnets like Mozi exploit well-known vulnerabilities with malware and frequently reuse code in an effort to spread and compromise systems for gain, according to Nicholson. DDoS weapons like Mozi can result in monetary loss to the victim organization since compromised systems would be rendered unavailable when attackers are taking advantage of them, Nicholson said.
Threat actors typically attempt to take control of a system by attacking multiple different protocols and networks, which can leave defenders scrambling since the attackers only have to succeed once to carry out a malicious activity, Nicholson said. Adversaries often turn to amplification-style DDoS attacks to exploit internet-facing DNS and authentication services by overwhelming the systems out there, he said.