Summary: Cybersecurity researchers have identified a large-scale campaign exploiting vulnerabilities in AVTECH IP cameras and Huawei HG532 routers to create a variant of the Mirai botnet known as Murdoc_Botnet. This ongoing activity has infected over 1,370 systems since July 2024, primarily in Southeast Asia and Latin America. The botnet aims to conduct distributed denial-of-service (DDoS) attacks by leveraging known security flaws to compromise Internet of Things (IoT) devices.
Threat Actor: Murdoc_Botnet Operators | Murdoc_Botnet
Victim: Various IoT Devices | AVTECH IP cameras and Huawei HG532 routers
Keypoints :
- The botnet exploits vulnerabilities such as CVE-2017-17215 and CVE-2024-7029 to gain access to IoT devices.
- Infections have been reported predominantly in Malaysia, Mexico, Thailand, Indonesia, and Vietnam.
- Recommendations for protection include monitoring suspicious processes, applying firmware updates, and changing default credentials.
Source: https://thehackernews.com/2025/01/murdocbotnet-found-exploiting-avtech-ip.html