The domain registrar giant said that the breach started in October 2019.
The botnet uses SSH brute-force attacks to infect devices and uses a custom implant written in the Go Language.
The vulnerability is one of 39 affecting various aspects of the mobile OS that the company fixed in a security update this week.
Researchers warn commercial airplane systems can be spoofed impacting flight safety of nearby aircraft.
Hackers targeted Ghost on Sunday, in a cryptocurrency mining attack that caused widespread outages.
CVE-2020-2883 was patched in Oracle’s April 2020 Critical Patch Update – but proof of concept exploit code was published shortly after.
Threat actors are spreading the tricky trojan through fake messages in another opportunistic COVID-19-related campaign, said IBM X-Force.