■■■■■ ZHtrap, the Latest Malware to Install Honeypots on Devices to Identify More Targets.
The security researchers at 360 Netlab have discovered a new botnet that is targeting and converting the infected routers, DVRs, and UPnP network into honeypots that supports it in identifying other targets to exploit.
Security experts have named the malware ‘ZHtrap’ which is based on Mirai’s source code. ZHtrap comes with support for x56, ARM, MIPS, and other CPU designs. ZHtrap botnet prevents other malware from re-infecting their bots when it takes charge of the device. Whitelist supports the botnet to run the system process and it blocks all the attempts to run new commands.
The latest malware uses a Tor command-and-control (C2) server to connect with other botnet nodes and a Tor proxy to hide malicious traffic.