Security News > 2023 > June > Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks
The U.S. Cybersecurity and Infrastructure Security Agency has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation.
Federal agencies in the U.S. are mandated to update their devices by June 21, 2023.
The disclosure also comes as Palo Alto Networks Unit 42 detailed a new wave of attacks mounted by an active Mirai botnet variant dubbed IZ1H9 since early April 2023.
The intrusions have been found to leverage multiple remote code execution flaws in internet-exposed IoT devices, including Zyxel, to ensnare them into a network for orchestrating distributed denial-of-service attacks.
It's worth noting that Mirai has spawned a number of clones since its source code was leaked in October 2016.
"IoT devices have always been a lucrative target for threat actors, and remote code execution attacks continue to be the most common and most concerning threats affecting IoT devices and linux servers," Unit 42 said.
News URL
https://thehackernews.com/2023/06/active-mirai-botnet-variant-exploiting.html
Related news
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices (source)
- Mirai botnet behind the largest DDoS attack to date (source)
- New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks (source)
- Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested (source)
- Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords (source)
- Juniper warns of Mirai botnet targeting Session Smart routers (source)
- Juniper warns of Mirai botnet scanning for Session Smart routers (source)
- FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)