Patch Now: Massive RCE Campaign Wrangles Routers Into Botnet
Thousands of devices, including D-Link and Zyxel gear, remain vulnerable to takeover despite the availability of patches for the several bugs being exploited by the IZ1H9 campaign.
October 9, 2023
Nimble and able to pivot on the fly to take advantage of emerging vulnerabilities, a campaign named IZ1H9 has ramped up its malware development to target a range of unpatched router and Internet of Things (IoT) devices and add them to a widening botnet used to launch targeted distributed denial-of-service (DDoS) cyberattacks.
Researchers from FortiGuard Labs flagged the campaign, which was recently updated with 13 new payloads leveraging known vulnerabilities in D-Link devices; Netis wireless routers; Sunhillo SureLine; Geutebruck IP cameras; Yealink Device Management; Zyxel devices; and TP-Link Archer, Korenix Jetwave, and Totolink routers.
"Based on the trigger counts recorded by our IPS signatures, it is evident that peak exploitation occurred on Sept. 6, with trigger counts ranging from the thousands to even tens of thousands," the report said. "This highlights the campaign's capacity to infect vulnerable devices and dramatically expand its botnet through the swift utilization of recently released exploit code, which encompasses numerous CVEs."
Fortinet recommends organizations apply patches and change default login credentials to prevent further attacks.