A team of IBM X-Force has discovered that the “Mozi” botnet had spiked among Internet of Things (IoT) devices.
Active since 2019, this malware has code overlap with Mirai and its variants. Mozi accounted for nearly 90 percent of the observed IoT network traffic from October 2019 through June 2020.
According to this blog post, this takeover was accompanied by a huge increase in overall IoT botnet activity, suggesting Mozi had failed to remove competitors from the market. Rather, it flooded the market, dwarfing other variants’ activity. Overall, combined IoT attack instances from October 2019, when attacks began to notably increase, through June 2020 was 400 percent higher than the combined IoT attack instances for the previous two years.
This surge in IoT attacks, said the research team, could be due to a number of causes, but may in part result from an ever-expanding IoT landscape for threat actors to target. There are about 31 billion IoT devices deployed around the globe, and the IoT deployment rate is now 127 devices per second.