The satori botnet is a mirai variant, and within its first twelve hours of life satori has compromised over 280,000 endpoints and is wielding powerful zero-day exploits:
A new massive IoT botnet dubbed Satori has emerged, which security researchers fear, can launch crippling attacks at any time.
The botnet has reportedly already infected over 280,000 IP addresses in just 12 hours, enslaving hundreds of thousands of home routers by exploiting a recently discovered zero-day vulnerability.
Satori, which reportedly means “Awakening” in Japanese, is actually the infamous Mirai botnet’s successor.
According to a new report by security researchers at Qihoo 360 Netlab, the Satori botnet can propagate rapidly by itself, which essentially makes it an IoT worm.
Dale Drew, chief security strategist at CenturyLink, told ArsTechnica that the Satori botnet has already infected two widely-used types of home routers by exploiting the recently-discovered zero-day flaw.
Qihoo 360 Netlab security researcher Li Fengpei told Bleeping Computer that there are some clues that hint at the possibility of Satori being linked to yet another Mirai-based botnet discovered last month.
Drew reportedly warned that Satori botnet’s operators could launch an Internet-crippling DDoS attack at any time.