Security25.11.2023

Thousands of routers and video recorders susceptible to hostile botnet

Cybersecurity researchers at networking company Akamai have discovered that malicious actors are actively exploiting two newly identified zero-day vulnerabilities in a popular router and network video recorders (NVRs) to carry out distributed denial-of-service (DDoS) attacks.

The Akamai Security Intelligence Response Team (SIRT) discovered a botnet it was tracking made use of the devices, which had been remotely infected with variants of the infamous Mirai malware family.

“The payload targets routers and NVR devices with default admin credentials and installs Mirai variants when successful,” Akamai SIRT explained.

The flaws that enabled this are part of one or more models of NVRs and an outlet-based wireless LAN router from a Japanese manufacturer. The latter is commonly used in hotels and households.

Akamai SIRT identified at least 7,000 devices vulnerable to the exploits. However, the actual number could be higher because it could not rule out that additional router models made by the same manufacturer were not impacted.

The organisation would not yet name the vendors whose devices are impacted by the exploits as it was awaiting updates about the affected models and patches to fix the flaws.

The latter is expected to be rolled out in December 2023, after which Akamai SIRT will reveal more details.


Now read: Attackers threaten to leak every South African’s private financial data — unless TransUnion and Experian pay R1.1 billion

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter