Mirai

  • Blog

    New Mirai botnet infect TBK DVR devices via command injection flaw

    A new variant of the Mirai malware botnet is exploiting a command injection vulnerability in TBK DVR-4104 and DVR-4216 digital video recording devices to hijack them. The flaw, tracked under CVE-2024-3721, is a command injection vulnerability disclosed by security researcher “netsecfish” in April 2024. The proof-of-concept (PoC) the researcher published at the time came in the form of a specially…

    Read More »
  • Blog

    New Mirai botnet targets industrial routers with zero-day exploits

    A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in industrial routers and smart home devices. Exploitation of previously unknown vulnerabilities started in November 2024, according to Chainxin X Lab researchers who monitored the botnet’s development and attacks. One of the security issues is CVE-2024-12856, a vulnerability in Four-Faith industrial routers…

    Read More »
  • Blog

    Juniper warns of Mirai botnet scanning for Session Smart routers

    Juniper Networks has warned customers of Mirai malware attacks scanning the Internet for Session Smart routers using default credentials. As the networking infrastructure company explained, the malware scans for devices with default login credentials and executes commands remotely after gaining access, enabling a wide range of malicious activities. The campaign was first observed on December 11, when the first infected…

    Read More »
  • Blog

    Botnet exploits GeoVision zero-day to install Mirai malware

    A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. The flaw is tracked as CVE-2024-11120 and was discovered by Piort Kijewski of The Shadowserver Foundation. It is a critical severity (CVSS v3.1 score: 9.8) OS command injection problem, allowing unauthenticated attackers to execute arbitrary system commands…

    Read More »
Back to top button
close