BotenaGo is a malware developed in an open-source programming language “Go” created by Google. In October 2021, the source code for Botena malware was leaked, allowing additional versions to be created based on the original. Nozomi Networks Labs uncovered a new variant of BotenaGo and named it “Lilin Scanner” which particularly targets Lilin security camera DVR equipment. Lilin Scanner is extremely evasive, with a 0% detection rate. Its main purpose is to use a list of IP addresses as inputs to infect its victims with Mirai executables. It is incapable of self-propagation. Mirai payloads are downloaded and executed on vulnerable devices after they have been infected by the Lillin scanner. Still, because it exclusively targets gadgets from a single manufacturer, this new BotenaGo variant isn’t a huge danger.