Since then, many variants of Mirai have been noticed, as attackers take the unique codebase and add new exploits and performance to it.
The primary variant that exploits the Wazuh vulnerability downloads a malicious shell script that may obtain the Mirai payload for varied CPU architectures. The Mirai variant comprises the title “morte” and used command-and-control (C2) domains beforehand related to a Home windows-based RAT and several other different Mirai variants.
The morte botnet additionally comprises exploits for recognized vulnerabilities in Hadoop YARN, TP-Hyperlink Archer AX21, and ZTE ZXV10 H108L routers. Incorporating a number of exploits for IoT gadgets is frequent for Mirai however attackers can customise them.