Variant of Mirai botnet targets ZyXEL devices

Researchers from Qihoo 360 Netlab have reported a big uptick in botnet activity targeting internet connected devices made by ZyXEL Communications.

The botnet appears to be a variant of Mirai and targets ZyXEL devices that use the default admin/CentryL1nk and admin/QwestM0dem telnet credentials via port 23 and 2323, Threatpost reports

Mirai was the infamous botnet that targeted Internet of Things (IoT) devices in October of 2016 by gaining access via default accounts and passwords.

Attackers then used thousands of the compromised devices via the Mirai-based botnet to launch distributed denial of service (DDoS) attacks, such as the one that took down DNS provider Dyn and subsequently thousands of websites.