Security News > 2021 > October > FreakOut botnet now attacks vulnerable video DVR devices
A new update to the FreakOut Python botnet has added a recently published PoC exploit for Visual Tools DVR in its arsenal to further aid in breaching systems.
Mining Monero on a DVR. Researchers at Juniper Threat Labs have analyzed a recent sample of the malware, and warn that Visual Tools DVR VX16 4.2.28.0 from visual-tools.com is being targeted with an exploit for a CVE-less flaw.
The targeted device is a digital video recorder used in professional-grade surveillance video equipment installations, supporting up to 16 cameras and live video transmission to two monitors.
Compromising a DVR device could allow the threat actors to spread laterally in an internal corporate network that the DVR resides on.
When the FreakOut botnet's scans detect a vulnerable system, they will use the exploit to gain access, and install an XMRig Monero miner on the device.
The functions still seen in the latest versions of the FreakOut malware include brute-force spreading and network sniffing, so depending on the interest of the actor or the value of the compromised entity, the attacks could grow into more a more advanced compromise.
News URL
Related news
- FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices (source)
- Mirai botnet behind the largest DDoS attack to date (source)
- New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks (source)