1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Mirai botnet now targeting critical flaw in thousands of routers

    From TechnologyDaily@1337:1/100 to All on Tue Aug 24 15:45:04 2021
    Mirai botnet now targeting critical flaw in thousands of routers

    Date:
    Tue, 24 Aug 2021 14:32:07 +0000

    Description:
    Malware authors have quickly adapted attack strategy to target recently disclosed vulnerabilities in Realtek-powered devices.

    FULL STORY ======================================================================

    A new variant of the Mirai botnet has begun exploiting multiple vulnerabilities in a software development kit (SDK) used by thousands of Realtek-based devices.

    The vulnerabilities were discovered by IoT Inspector, the makers of the firmware security analysis platform of the same name, last week and thought
    to affect more than 65 hardware manufacturers and a variety of wireless devices.

    Network security firm SAM Seamless Network now reveals that the Mirai-based botnet started trawling the web for unpatched devices two days after the public disclosure, even though Realtek had patched the vulnerabilities three days prior to IoT Inspectors announcement. TechRadar needs you!

    We're looking at how our readers use VPNs with streaming sites like Netflix
    so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

    Click here to start the survey in a new window << These are the best small business routers Heres our list of the best secure routers We've put together a list of the best endpoint protection software

    One of the vulnerabilities disclosed, CVE-2021-35395, affects the web interface that is part of the SDK, and is a collection of six different vulnerabilities. As of August 18th, we have identified attempts to exploit CVE-2021-35395 in the wild, notes Omri Mallis, chief product architect at SAM Seamless Network. Updated botnet

    The researchers note that the particular Mirai malware used to exploit the Realtek vulnerability, was first seen by Palo Alto Network earlier this year in March.

    This was followed by another sighting by Juniper Networks earlier this month, when the botnet authors exploited another newly discovered vulnerability, again only a couple of days after it was announced.

    This chain of events shows that hackers are actively looking for command injection vulnerabilities and use them to propagate widely used malware quickly. These kinds of vulnerabilities are easy to exploit and can be integrated quickly into existing hacking frameworks that attackers employ, well before devices are patched and security vendors can react, observes Mallis. These are the best firewall apps and services



    ======================================================================
    Link to news story: https://www.techradar.com/news/mirai-botnet-now-targeting-critical-flaw-in-tho usands-of-routers/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)