Summary: A new Mirai-based botnet has emerged that uses zero-day exploits against vulnerabilities in industrial routers and smart home devices, making it significantly more sophisticated and capable than earlier variants.
Threat Actor: Unknown | Mirai-based botnet
Victim: Various | industrial routers and smart home devices
Key Points:
- The botnet exploits over 20 vulnerabilities, including the zero-day CVE-2024-12856 in Four-Faith routers.
- It has around 15,000 active nodes, primarily located in China, the United States, Russia, Turkey, and Iran.
- Attacks are short in duration but high in intensity, exceeding 100 Gbps.
- Users are advised to update their devices, disable unnecessary remote access, and change default credentials to mitigate risks.