Argonaut RISC Core (ARC) processors are one of the most commonly-used in the world and are particularly widely used in IoT devices.
The vulnerability, a variation of the well-known Mirai botnet, has been dubbed Okiru and is claimed to be the first variation of Mirai to be aimed specifically at ARC devices.
The botnet was discovered by the security research team known as Malware Must Die, although it was security researcher ‘Odisseus’ who brought news of the attack to wider attention when he tweeted about the severity of the attack. “From this day, the landscape of #Linux #IoT infection will change. #ARC cpu has produced #IoT dervices more than 1 billion per year. So these devices are what the hackers want to aim to infect #ELF #malware with their #DDoS cannons.”
Mirai has a long, infamous history in attacking IoT devices most notoriously the attack on Dyn servers in October 2016. Odisseus noted that, no sooner had Okiru been identified, than it was responsible for a denial of service attack on a security website.