Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices

According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as of December 2022, with 97% of the attacks occurring in the past four months.
What's more, 95% of the attacks that leveraged the security shortcoming and emanated from Russia singled out organizations in Australia.
"Many of the attacks we observed tried to deliver malware to infect vulnerable IoT devices," Unit 42 researchers said in a report, adding "Threat groups are using this vulnerability to carry out large-scale attacks on smart devices around the world."
The vulnerability impacts a wide range of devices from D-Link, LG, Belkin, ASUS, and NETGEAR. Unit 42 said it discovered three different kinds of payloads distributed as a result of in-the-wild exploitation of the flaw.
The malware, once launched, is equipped to run operating system commands and mount DDoS attacks.
"The surge of attacks leveraging CVE-2021-35394 shows that threat actors are very interested in supply chain vulnerabilities, which can be difficult for the average user to identify and remediate," the researchers concluded.
News URL
https://thehackernews.com/2023/01/realtek-vulnerability-under-attack-134.html
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-16 | CVE-2021-35394 | Unspecified vulnerability in Realtek Jungle SDK Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. | 9.8 |