A growing number of botnets consist of devices running the Linux OS, and one of the most recent operations of this type is the Momentum botnet. Botnet operators often build malware that targets only one class of system, such as personal devices, servers, or IoT (Internet-of-Things) devices. The malware used in the Momentum botnet campaign is not as limited: it can go after IoT devices, routers, various smartphones, etc. Devices built on Intel, ARM, MIPS, and other CPU architectures appear to be at risk from the Momentum botnet operation. According to reports, after the initial infiltration of a targeted device, the operators of the Momentum botnet deploy a secondary payload. This second-stage threat is either the Mirai backdoor, Kaiten, or BASHLITE.
Scans the Internet for Vulnerable Systems
To find new potential victims, the creators of the Momentum botnet scan the Web in search of systems that are vulnerable to compromise. A system running outdated software is therefore at the top of the operators’ list. This is why malware experts warn users against neglecting software updates, as doing so leaves them very vulnerable to cyber-attacks.
Used for DDoS Attacks and Controlled via IRC Server
Nowadays, most botnets are used to mine various cryptocurrencies, which are then transferred to the attackers’ wallet. Before cryptocurrency miners gained popularity, however, most botnets were used in so-called DDoS (Distributed-Denial-of-Service) attacks. Such attacks target networks or online services with the aim of taking them offline. The Momentum botnet is capable of launching 30 DDoS attack types, which makes it particularly effective. The Momentum botnet is controlled through an IRC (Internet Relay Chat) server. This server acts as the attackers’ C&C (Command & Control) server, and the compromised machines receive remote commands from the operators of the botnet through it.
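One way to look for an IRC-based control channel like the one described above in your own network telemetry, shown as an added example that is not code from the original article or from any analysis of Momentum. The session record layout, the addresses, nicknames, channel name and the `allowed_clients` allowlist are constructed assumptions; the check keys on the IRC registration sequence (RFC 2812) rather than on a port number.

```python
import re

# IRC client commands (RFC 2812) at the start of a line, with optional
# ":prefix ". A trailing space is required so "User-Agent:" never matches.
IRC_LINE = re.compile(rb"^(?::\S+ )?(NICK|USER|JOIN|PONG|PRIVMSG) ", re.I)

def irc_commands(payload):
    """Return the IRC commands seen in a client-to-server payload, in order."""
    cmds = []
    for line in payload.split(b"\n"):
        m = IRC_LINE.match(line.strip() + b" ")
        if m:
            cmds.append(m.group(1).decode().upper())
    return cmds

def flag_irc_sessions(sessions, allowed_clients=frozenset()):
    """Flag outbound sessions that perform IRC registration (NICK and USER).

    Requiring both commands avoids flagging FTP logins ("USER ..."), and
    matching on protocol content catches servers on non-standard ports.
    """
    alerts = []
    for s in sessions:
        cmds = irc_commands(s["payload"])
        if "NICK" in cmds and "USER" in cmds and s["src"] not in allowed_clients:
            alerts.append({"src": s["src"], "dst": s["dst"],
                           "dport": s["dport"], "joined": "JOIN" in cmds})
    return alerts

# Constructed sample sessions (documentation address ranges, made-up names).
SAMPLE = [
    {"src": "192.0.2.10", "dst": "198.51.100.7", "dport": 8080,   # IoT device
     "payload": b"NICK dev1234\r\nUSER dev 0 * :dev\r\nJOIN #example\r\n"},
    {"src": "192.0.2.11", "dst": "198.51.100.20", "dport": 80,    # web client
     "payload": b"GET / HTTP/1.1\r\nUser-Agent: curl\r\nHost: example.com\r\n\r\n"},
    {"src": "192.0.2.12", "dst": "198.51.100.30", "dport": 6667,  # known IRC user
     "payload": b"NICK alice\r\nUSER alice 0 * :Alice\r\n"},
    {"src": "192.0.2.13", "dst": "198.51.100.40", "dport": 21,    # FTP login
     "payload": b"USER anonymous\r\nPASS guest\r\n"},
]

if __name__ == "__main__":
    for alert in flag_irc_sessions(SAMPLE, allowed_clients={"192.0.2.12"}):
        print(alert)
```

On a network of routers and IoT devices, the allowlist would normally be empty, since none of those devices has a legitimate reason to register with an IRC server.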
As we already mentioned, it is crucial to keep all the software on your devices updated to minimize the chances of falling victim to cyber crooks. It is also important to change the default login credentials and use a strong password, which will make you far less vulnerable to potential attacks. Last but not least, make sure your PC is protected by a reputable anti-malware solution that will keep your device and data safe.