Botnet

Bashlite

First seen: 2014-11 • Status: active

Currently Active Threat

Bashlite is an older IoT botnet that still infects devices with weak passwords. It is used for DDoS attacks.

Overview

Bashlite is an IoT botnet that predates Mirai. It targets routers and IoT devices using ShellShock and default credentials.

Also Known As

Gafgyt, Lizkebab, Qbot (IoT)

How It Spreads

  • ShellShock exploitation
  • Default credentials
  • Telnet brute force

What It Does

  • DDoS attacks
  • IoT compromise

Is your business exposed?

Target Platforms

Linux (IoT)

Detection Tips

  • Patch ShellShock
  • Monitor IoT device traffic

MITRE ATT&CK Techniques

T1498, T1110, T1068

If You're Infected

  1. 1.

    Update device firmware

  2. 2.

    Change default credentials

Related Malware

Mirai, Mozi

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices