ESET Research observes IoT botnet Mozi taken down via a kill switch
By MYBRANDBOOK
ESET Research recently observed the sudden demise of one of the most prolific Internet of Things (IoT) botnets, named Mozi, infamous for exploiting vulnerabilities in hundreds of thousands of IoT devices each year. User Datagram Protocol (UDP) observed an unanticipated drop in activity that began in India and was also observed in China a week later. The change was caused by an update to Mozi bots that stripped them of their functionality. A few weeks following these events, ESET researchers were able to identify and analyze the kill switch that caused Mozi’s demise.
“The demise of one of the most prolific IoT botnets is a fascinating case of cyber forensics, providing us with intriguing technical information on how such botnets in the wild are created, operated, and dismantled,” says ESET Eesearcher Ivan Bešina, who investigated the disappearance of Mozi.
On September 27, 2023, ESET researchers spotted the control payload (configuration file) inside a UDP message missing the typical content; its new activity was in fact to act as the kill switch responsible for Mozi’s takedown. The kill switch stopped the parent process – the original Mozi malware – and disabled certain system services, replaced the original Mozi file with itself, executed certain router/device configuration commands, and disabled access to various ports.
Despite the drastic reduction in functionality, the Mozi bots have maintained persistence, indicating a deliberate and calculated takedown. ESET analysis of the kill switch showed a strong connection between the botnet’s original source code and recently used control payloads that were signed by the correct private keys.
“There are two potential instigators for this takedown: the original Mozi botnet creator or Chinese law enforcement, perhaps enlisting or forcing the cooperation of the original actor or actors. The sequential targeting of India and then China suggests that the takedown was carried out deliberately, with one country targeted first and the other a week later,” explains Bešina.
BREAKING NEWS
TECHNO TRENDS
Legal Battle Over IT Act Intensifies Amid Musk’s India Plans
The outcome of the legal dispute between X Corp and the Indian government c...
Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth
The agreement, executed through Wipro and its 100% subsidiary,...
Centre announces that DPDP Rules nearing Finalisation by April
The government seeks to refine the rules for robust data protection, ensuri...
Home Ministry cracks down on PoS agents in digital arrest scam
Digital arrest scams are a growing cybercrime where victims are coerced or ...
E-Magazine
TECHNOTAINMENT
Hrithik Roshan to endorse RuPay as Brand Ambassador
RuPay is reportedly planning to feature Bollywood superstar Hrithik Rosha
India Today Group launches – AI Pop Stars
Staying true to our industry leadership position in using cutting-edge tech
MOVERS & SHAKERS
TelioLabs ropes in Phaniraj V A as the Group CEO
TelioLabs has announced the onboarding of Phaniraj V A as its new Group CE
Wipro Appoints Amit Kumar as Managing Partner and Global Head
Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO), a leading technology s
OPEN YOUR EYES
INTERVIEWS
Bolstering its commitment to help build a truly self-reliant B
CP PLUS is dedicated to spreading a sense of security to every corner of In
Alpha Max offers high end solutions in the network space to en
The vision at Alpha Max is to attain quality as the trademark and create a
HOT PICK
MSI Announces the availability of RTX 50 series of laptops in
MSI, the innovative computing manufacturer in gaming, creator
Nothing Phone (3a) goes on sale today, starting at Rs 19,999
The phone was launched on March 4, featuring a 50MP main, ultra-wide, and t
MAKE IN INDIA BRANDS
RELIANCE JIO INFOCOMM LTD.
MATRIX COMSEC PVT. LTD.
FIRE BOLTT
NUMERIC INDIA, A Group Brand Legrand
EMINENT CIO'S OF INDIA
ICONS OF INDIA
Icons Of India : Dr. Sanjay Bahl
Dr. Sanjay Bahl has around four decades of experience in the ICT indus...
Icons Of India : NIKHIL RATHI
Co-founder & CEO of Web Werks, a global leader in Data Centers and Clo...
Icons Of India : Puneet Chandok
Puneet Chandok is President, Microsoft India & South Asia and is respo...
PARTNER SPEAKERS
PSU
UIDAI - Unique Identification Authority of India
UIDAI and the Aadhaar system represent a significant milestone in Indi...
C-DAC - Centre for Development of Advanced Computing
C-DAC is uniquely positioned in the field of advanced computing...
C-DOT - Center of Development of Telematics
India’s premier research and development center focused on telecommu...
VIDEOS
Top 25 Brands
Global Indian industry
Indian Tech Talent Excelling The Tech World - ANJALI SUD, CEO – Tubi
Anjali Sud, the former CEO of Vimeo, now leads Tubi, Fox Corporation...
Indian Tech Talent Excelling The Tech World - PADMASREE WARRIOR, Founder, President & CEO - Fable
Padmasree Warrior, the Founder, President, and CEO of Fable, is revolu...
Indian Tech Talent Excelling The Tech World - Rajiv Ramaswami, President & CEO, Nutanix Technologies
Rajiv Ramaswami, President and CEO of Nutanix, brings over 30 years of...
ITFORUM 2025
CMO of the Year
WOMEN LEADERSHIP
IMAGE GALLERY
TRENDS IN TECHNOLOGY
MORE VIDEOS
ADVERTISEMENTS
TECHNOLOGY DISRUPTION
UNICORNS REVOLUTIONISING
of images belongs to the respective copyright holders
