The Imeij Botnet malware targets the AVTech video surveillance specifically the poorly protected IoT or 'Internet of Things' devices.

The malware was never patched by the Taiwanese vendors since last year. Now, researchers discovered that Imeij Botnet malware exposed its latest threat and target those poorly protected IoT gadgets running with Linux OS.

Like Us on Facebook

The target of Imeij Botnet malware is a product only made by a particular manufacturer; Taiwan's AVTech. With the use of this malware, the attackers are allowed to take the device's remote control and make it as part of the Botnet that can be used to launch other malicious attacks, according to Trend Micro.

Imeij exploits bugs to AVTech devices provided by the cloud service of the company. The CloudSetup.cgi or Common Gateway Interface (CGI) component will then contain some flaws that can be manipulated by the attacker to deploy malicious commands. The attacks will also send malicious CGI-bin scripts to some random IP addresses and tricks the devices to download malicious software.

When the malware is successfully installed in the device, it will collect all the information in the system and the network activity data. It can also perform a command to initiate Distributed Denial of Service (DDoS) attacks so that the device will terminate itself. Additionally, those connected to the infected devices have also at high risk.

The target of Imeij Botnet malware is ARM-based hardware, mainly use for IoT and mobile devices. Just like the LuaBot malware and Umbreon rootkit, AVTech noted. Researchers also advised the users to protect their IoT devices using security products. In here, they can check Internet traffic that passes through the connected devices and router.