A new Mirai botnet variant is exploiting a vulnerability in TBK DVR devices to hijack them for DDoS attacks and malicious traffic relay. The vulnerability CVE-2024-3721 remains unpatched on many devices, impacting several countries and emphasizing the rapid inclusion of public exploits into malware operations. #Mirai #CVE-2024-3721
Keypoints
- A new Mirai malware variant exploits a command injection flaw in TBK DVR devices.
- The vulnerability CVE-2024-3721 allows remote command execution via crafted POST requests.
- Active exploitation has been detected, dropping malware to enlist devices into the botnet.
- Estimated vulnerable devices worldwide are around 50,000, mainly impacting several countries.
- The security status of these DVR devices remains uncertain due to pending patches from manufacturers.
Views: 29