The cyber criminal group Keksec is using Enemybot to attack routers and IoT devices, exploiting a remote code execution (RCE) vulnerability CVE-2022-27226.
Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene | ZDNet
New Enemybot botnet blends Linux backdoor bot Gafgyt, Mirai • The Register
This botnet is part of the infrastructure running various distributed denial of service (DDoS) attacks, which if you are infected will have an impact on your network and internet bandwidth. However there is evidence that groups are expanding the use of Enemybot to include other malware attacks such as cryptomining and ransomware.
Check whether your router is vulnerable – and if needed patch, patch, patch!
The Keksec gang has also used the names Nero and Freakout.
