Security News > 2021 > August > Attackers Actively Exploiting Realtek SDK Flaws
Threat actors zeroing in on command injection vulnerabilities reported in Realtek chipsets just days after multiple flaws were discovered in the software developers kits deployed across at least 65 separate vendors.
SAM Seamless Network reported two days after the bugs were made public, attackers made "Multiple" attempts breach the company's Secure Home product to spread a new version of Mirai malware.
"The exploit attempts to deploy a Mirai variant detected in March by Palo Alto Networks. Mirai is a notorious IoT and router malware circulating in various forms for the last 5 years. It was originally used to shut down large swaths of the internet but has since evolved into many variants for different purposes."The report goes on to link another similar attack to the attack group.
"These kinds of vulnerabilities are easy to exploit and can be integrated quickly into existing hacking frameworks that attackers employ, well before devices are patched and security vendors can react."
The original IoT Inspector report linked this kind of vulnerability to recent supply chain attacks on SolarWinds and Kaseya.
Just a day after the Realtek revelations, Mandiant in coordination with the Cybersecurity and Infrastructure Security Agency, reported a flaw in IoT cloud platform ThroughTek Kalay.