A new variant of the Muhstik botnet has appeared, this time with scanner technology that can brute-force web authentication to attack routers. Researchers at Palo Alto Networks Unit 42 discovered the new variant harvesting vulnerable routers and IoT devices in early December. The new variant also once again shows the inherent lack of security in the IoT landscape, with new attacks on these type of devices seeming to come so fast security researchers can barely keep up, they said. MuhStik, showing a wormlike self-propagating capability, has been active since March 2018.
Source: https://threatpost.com/muhstik-botnet-attacks-tomato-routers/152079/