B5 - Botnet Activity

We are seeing a few of our B5 radios beacon out to a known command and control server which indicates that the B5s in question are infected with malware. Although we have several hundred B5s, only 3 are acting in this manner and each one is located at the same site. What would be the best way to go about removing this threat? Should we return the B5s to Mimosa or is there a way to wipe the device? The activity has been ongoing for almost a month and we would like to put a stop to it. Any help would be greatly appreciated.

First off, your best bet will be to go to Mimosa Support. (Orange box that says “Chat with us” on the bottom right of your screen)

They will probably want a support file, if you still have access to your radios I would log in to them and Logs>>Support info and get the file from there as well as the backup config file.

Would you mind sharing more details of what you are seeing? Where the radios are talking to, if you have tried resetting the radios to factory defaults, what firmware you are running, if you have done updates to the radios since they started showing the issue. All of this might help the rest of us help you and see if the issue is happening in our own networks.

1 Like