Millions of home routers on Mirai Botnet Radar

According to a research carried out by Maryland based Cybersecurity firm Tenable, hackers are targeting millions of home routers to add them to the Mirai botnet radar that is used to launch DDoS Cyber attack campaigns.

Tenable researchers claim hackers are exploiting a security flaw termed authentication-bypass vulnerability that is impact routers and internet of things (IoT) devices.

Tracked as CVE-2021-20090, researchers from Tenable say that the impact can be seen on routers manufactured by over 20 vendors and ISPs that includes Beeline, British Telecom, Buffalo, Deutsche Telekom, HughesNet, KPN, Asus, ASMAX, ADB, Arcadyan, O2, Orange, Skinny, SparkNZ, Telecom Argentina, TelMex, Telstra, Telus, Verizon and Vodafone.

What’s interesting about this attack campaign is the hackers are targeting devices running on the firmware that is being supplied by Arcadyan.

Juniper Networks, another Cybersecurity firm conducting research on the same bug exploit has come with a statement that its security analysts have found hackers launching Distributed Denial of Service attacks from IP addresses in Wuhan, China and are trying hard to deploy a Mirai malware variant on the affected routers.

Mirai is a kind of malware that turns connected devices into remotely controlled devices called Bots. It was first detected in 2016 when the said malware disrupted the operations of a web hosting company named Dyn, halting access to more than 1200 internationally recognized websites that include HBO, PayPal. The New York Times, Yelp, Visa, Verizon Communications, Airbnb, BBC, Box, Comcast, The Wall Street Journal, Twitter, Netflix and The Guardian. IP Cameras, Printers, baby monitoring cameras, residential gateways, CCTVs and much more were affected by the Mirai botnet malware attack in 2016 and Anonymous and New World Hackers claimed responsibility for the incident.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display