The page details a critical alert regarding the COXMO botnet variant, which poses a serious threat to internet-connected infrastructure globally. Researchers note that the botnet employs advanced tactics, including modular propagation, to exploit older software vulnerabilities, particularly the CVE-2021-27137 stack buffer overflow flaw.
After initial access, the malware installs itself persistently, sets up automated processes, eliminates rival threats, and can conduct distributed denial-of-service attacks using sophisticated techniques. The COXMO variant also features independent lateral movement capabilities, utilizing external scripts to expand its reach across vulnerable devices.