Security News > 2023 > November > Mirai malware infects routers and cameras for new botnet
Akamai has uncovered two zero-day bugs capable of remote code execution, both being exploited to distribute the Mirai malware and built a botnet army for distributed denial of service attacks.
Because the security holes aren't plugged yet, Akamai's Security Intelligence Response Team did not name the brands or the affected devices.
The camera vendor produces about 100 network video recorder, DVR, and IP products, and although the zero-day targets one specific model, Akamai says a sub-variant model of the device is "Likely" also vulnerable.
"The feature being exploited is a very common one, and it's possible there is code reuse across product line offerings," according to the Akamai Security Intelligence Response Team's advisory.
Akamai's researchers monitor botnet activity using a global network of honeypots but didn't spot the new Mirai variant until October - and didn't know which devices it was targeting until November 9.
It primarily uses older JenX Mirai code, although Akamai noted some samples it spotted were linked to the hailBot Mirai variant.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/11/23/zeroday_routers_mirai_botnet/
Related news
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Juniper warns of Mirai botnet targeting Session Smart routers (source)
- Juniper warns of Mirai botnet scanning for Session Smart routers (source)
- Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft (source)
- AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services (source)
- Volt Typhoon rebuilds malware botnet following FBI disruption (source)
- Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords (source)
- BadBox malware botnet infects 192,000 Android devices despite disruption (source)