Mirai botnet now targeting critical flaw in thousands of routers

New Mirai variant has been on the prowl since March


A new variant of the Mirai botnet has begun exploiting multiple vulnerabilities in a software development kit (SDK) used by thousands of Realtek-based devices.

The vulnerabilities were discovered by IoT Inspector, the makers of the firmware security analysis platform of the same name, last week and are thought to affect more than 65 hardware manufacturers and a variety of wireless devices.

Network security firm SAM Seamless Network now reveals that the Mirai-based botnet started trawling the web for unpatched devices two days after the public disclosure, even though Realtek had patched the vulnerabilities three days prior to IoT Inspector’s announcement.


“One of the vulnerabilities disclosed, CVE-2021-35395, affects the web interface that is part of the SDK, and is a collection of six different vulnerabilities. As of August 18th, we have identified attempts to exploit CVE-2021-35395 in the wild,” notes Omri Mallis, chief product architect at SAM Seamless Network.

Updated botnet

The researchers note that the particular Mirai malware used to exploit the Realtek vulnerability was first seen by Palo Alto Networks earlier this year in March.

This was followed by another sighting by Juniper Networks earlier this month, when the botnet authors exploited another newly discovered vulnerability, again only a couple of days after it was announced.

“This chain of events shows that hackers are actively looking for command injection vulnerabilities and use them to propagate widely used malware quickly. These kinds of vulnerabilities are easy to exploit and can be integrated quickly into existing hacking frameworks that attackers employ, well before devices are patched and security vendors can react,” observes Mallis.


With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
