Microsoft Defender for IoT research team has observed new DDoS attack capabilities in #Zerobot 1.1, including ICMP/SYN/SYN-ACK/ACK floods and various custom UDP/TCP attacks (including XMAS attack).

In addition to credential brute force attacks, #Zerobot 1.1 is capable of exploiting a variety of known/patched vulnerabilities, including *patched* vulnerabilities in Apache HTTP Server, Apache Spark, Tenda GPON routers, LinuxKI, Zivif, Grandstream, Roxy-WI, MiniDVBLinux, etc.