Security News > 2021 > October > FreakOut botnet now attacks vulnerable video DVR devices
A new update to the FreakOut Python botnet has added a recently published PoC exploit for Visual Tools DVR in its arsenal to further aid in breaching systems.
Mining Monero on a DVR. Researchers at Juniper Threat Labs have analyzed a recent sample of the malware, and warn that Visual Tools DVR VX16 4.2.28.0 from visual-tools.com is being targeted with an exploit for a CVE-less flaw.
The targeted device is a digital video recorder used in professional-grade surveillance video equipment installations, supporting up to 16 cameras and live video transmission to two monitors.
Compromising a DVR device could allow the threat actors to spread laterally in an internal corporate network that the DVR resides on.
When the FreakOut botnet's scans detect a vulnerable system, they will use the exploit to gain access, and install an XMRig Monero miner on the device.
The functions still seen in the latest versions of the FreakOut malware include brute-force spreading and network sniffing, so depending on the interest of the actor or the value of the compromised entity, the attacks could grow into more a more advanced compromise.