• This devious botnet tried a trial run during the recent AWS outag

    From TechnologyDaily@1337:1/100 to All on Thursday, November 27, 2025 14:30:10
    This devious botnet tried a trial run during the recent AWS outage - so when will it be back?

    Date:
    Thu, 27 Nov 2025 14:27:00 +0000

    Description:
    Another child of Mirai was spotted in the wild - but this one flashed only briefly.

    FULL STORY
    ======================================================================

    - ShadowV2, a Mirai-based cloud-native botnet, appeared briefly during an AWS outage
    - It targeted IoT devices via multiple vendor vulnerabilities, likely as a test run
    - Found across 20+ countries, ShadowV2 may return, echoing Mirai's disruptive DDoS legacy

    Another botnet built on the foundations of the infamous Mirai has been recently spotted in the wild, but only briefly - suggesting it might be preparing for a major attack.

    Security researchers from FortiGuard Labs claim to have seen a new botnet named ShadowV2, which was active only during the recent AWS outage, meaning
    it was alive for no more than 15 hours.

    During that time, it targeted multiple vulnerabilities from multiple manufacturers (DD-WRT, D-Link, DigiEver, TBK, and TP-Link) and created a network of assimilated routers, Wi-Fi access points, NAS boxes, DVRs, network video recorders, and similar Internet of Things (IoT) hardware.

    Evolution of Mirai

    The botnet could have been used the same way Mirai was used - to launch Distributed Denial of Service (DDoS) attacks, scan the internet for vulnerable devices, brute-force their credentials, infect them, and use them for further propagation.

    FortiGuard Labs believes its emergence only served as a test run, and that
    the botnet will likely return in the future.

    ShadowV2 is a cloud-native botnet that previously only targeted AWS EC2 instances. However, it has since evolved to target multiple industries, including technology, retail, hospitality, government, telecommunications,
    and more. It was found in more than two dozen countries around the world, including Canada, the US, UK, China, Russia, Saudi Arabia, and many others.

    So far, there is no word on how many devices are infected with ShadowV2, or
    if the botnet is growing right now. We do know that it's built primarily for IoT devices.

    Shortly after ShadowV2's test run, Azure was hit with the largest-ever cloud-based DDoS attack, carried out by the Aisuru botnet - which is also considered a descendant of Mirai and is sometimes described as Turbo Mirai.

    Mirai is often referred to as a groundbreaking IoT malware that became infamous for creating some of the largest and most disruptive botnets ever, knocking major websites and internet infrastructure offline worldwide.

    Via The Register




    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/this-devious-botnet-tried-a-trial-run-during-the-recent-aws-outage-so-when-will-it-be-back


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)