Hardware that records video and easy routers both come with risks.
Akamai, a company that works with cybersecurity, just shared new information that says experts have found a new botnet that is based on the well-known Mirai malware.
The bad infrastructure is called "InfectedSlurs." Two zero-day flaws make it easy for it to spread to routers and DVRs that can connect to the Internet.
It's more possible that the botnet began running at the end of 2018, since the first activity from it was seen in October 2023.
"InfectedSlurs" takes advantage of remote code execution (RCE) flaws by connecting devices that are vulnerable to them to its network so that it can start DDoS attacks, most likely to make money.
Akamai says that the companies that made the devices that are at risk have not yet put out changes that fix these issues. This means that the owners of these gadgets can't fully protect themselves from this danger.
InfectedSlurs did some study and found that the hackers were after NVR video recorders from a company whose name is being kept secret for safety reasons. The "InfectedSlurs" virus does the same thing and targets nameless wireless routers that you can find in stores and houses.
There is no doubt that "InfectedSlurs" is not the same as Mirai JenX. A link was found between the botnet and the attackers' Telegram account, but it had been removed by the time the story was written. The C2 infrastructure makes hailBot work.
For now, there are no fixes for devices that are vulnerable. To temporarily stop botnet activity, experts say that sensitive NVRs and routers should be restarted often. But Akamai didn't say which types and models were affected, so 99% of people who use that kind of gear may not care about this change.
But if you have these kinds of devices, you should wait for new software to come out in a few weeks and then install it as soon as you can. Then hackers can get into your tools all of a sudden.
Comments 0