HEH P2P Botnet Sports Dangerous Wiper Function

A freshly discovered botnet dubbed HEH by researchers is casting a wide net, looking to infect any and all devices that use Telnet on ports 23/2323. It’s particularly destructive: It contains code that wipes all data from infected systems.

Perhaps ironically, its operators also have a penchant for civil advocacy – a loading of the Universal Declaration of Human Rights, visible to researchers during analysis, accompanies each infection.

According to a 360Netlab analysis, samples of the bot are being found on a wide range of CPU architectures, including x86(32/64), ARM(32/64), MIPS (MIPS32/MIPS-III) and PPC – meaning it’s infecting desktops, laptops, mobile and internet-of-things (IoT) devices.

Read more…
Source: ThreatPost