A security research firm has been tracking a botnet that first appeared on its radar in August and that, for some reason, declines to make use of its DDoS capabilities. The first evidence of the Roboto botnet came in August, when the 360 Netlab team detected a suspicious ELF file; in October the team captured, in a honeypot, what turned out to be the downloader for that file. The downloader pulls the botnet malware from two hard-coded URLs. The malware compromises systems by abusing the Webmin RCE vulnerability CVE-2019-15107.
[Source: SC Magazine UK]