An active malware campaign is exploiting two zero-day flaws to incorporate routers and video recorders into a Mirai-based DDoS botnet, nicknamed InfectedSlurs. The malware targets routers and network video recorder (NVR) devices with default admin credentials, according to Akamai. The attackers remain unidentified and the specific vulnerabilities are kept hidden to allow for patch publication. The botnet’s command and control servers use racial slurs and offensive language. It’s linked to the hailBot Mirai variant, which surfaced in September 2023.
Iran-linked hackers disrupt operations at US critical infrastructure sites
Hackers working on behalf of the Iranian government are disrupting operations at multiple US critical infrastructure sites, likely in response to the country’s ongoing war
