Security News

Cybercrime groups have been exploiting vulnerabilities in digital video recorders made by Taiwan-based surveillance solutions provider LILIN to increase the size of their botnets. The vendor released firmware updates that should patch the exploited flaws on February 14, but the vulnerabilities had a zero-day status until this date.

A wide variety of Zyxel and LILIN IoT devices are being conscripted into several botnets, researchers have warned. Users are advised to implement the provided firmware updates to plug the security holes exploited by the botmasters or, if they can't, to stop using the devices altogether or to put them behind network firewalls.

A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage devices in an attempt to remotely infect and control vulnerable machines. Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall products to take control of the devices and add them to a network of infected bots that can be used to carry out Distributed Denial of Service attacks.

A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage devices in an attempt to remotely infect and control vulnerable machines. Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall products to take control of the devices and add them to a network of infected bots that can be used to carry out Distributed Denial of Service attacks.

Multiple zero-day vulnerabilities in digital video recorders for surveillance systems manufactured by Taiwan-based LILIN have been exploited by botnet operators to infect and co-opt vulnerable devices into a family of denial-of-service bots. The findings come from Chinese security firm Qihoo 360's Netlab team, who say different attack groups have been using LILIN DVR zero-day vulnerabilities to spread Chalubo, FBot, and Moobot botnets at least since August 30, 2019.

Multiple zero-day vulnerabilities in digital video recorders for surveillance systems manufactured by Taiwan-based LILIN have been exploited by botnet operators to infect and co-opt vulnerable devices into a family of denial-of-service bots. The findings come from Chinese security firm Qihoo 360's Netlab team, who say different attack groups have been using LILIN DVR zero-day vulnerabilities to spread Chalubo, FBot, and Moobot botnets at least since August 30, 2019.

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. Security experts at Palo Alto Networks said Thursday their sensors detected the new Mirai variant - dubbed Mukashi - on Mar. 12.

Some consider Necurs to be the largest botnet ever, with estimates from 2017 indicating that, at the time, it consisted of more than 6,000,000 infected computers. In its blog post, Microsoft said that, along with partners, it's been spending the past eight years tracking and planning to knock the knees off Necurs.

Microsoft has bragged of downing a nine million-strong Russian botnet responsible for vast quantities of email spam. The Necurs botnet, responsible over the years for quite a considerable volume of spam - as well as being hired out to crims pushing malware payloads such as the infamous Locky ransomware and Dridex malware - was downed by Microsoft and its industry chums following a US court order allowing the private sector companies to go in hard and heavy on the botnet.

The Mirai botnet is known for targeting Internet of Things devices and conducting massive DDoS attacks, as described by cyberthreat researcher Check Point Research. A look at the top cyber threats for February by Check Point Research highlights the latest developments in popular malware strains and vulnerabilities.