A new variant of the infamous Mirai malware, tracked as Mukashi, targets Zyxel network-attached storage (NAS) devices exploiting recently patched CVE-2020-9054 issue. Palo Alto Networks first spotted the Mukashis activity on March 12, when the threat actor attempted to download a shell script to the. tmp directory, execute the downloaded script, and remove the evidence on a vulnerable device. Mukashi is a bot that scans the TCP port 23 of random hosts,. brute forces the logins using different combinations of default credentials, while informing its command and control (C2) server of the successful login attempts.”]
Source: https://securityaffairs.co/wordpress/100116/cyber-crime/mukashi-mirai-variant-targets-zyxel.html