Breaking News
Chinese Botnet Infects 260,000 SOHO Routers, IP Cameras with Stock Malware
Date: March 12, 2023
A massive botnet consisting of over 260,000 infected SOHO (Small Office/Home Office) routers and IP cameras has been discovered, with roots traced back to China. The malware used in the botnet is commonly found stock malware, dubbed "Satori," which was previously used in attacks in 2018.
The Malware
Satori is malware designed to infect IoT devices and use them to perform various malicious activities, such as:
- Distributing ransomware
- Launching DDoS attacks
- Spreading spam messages
- Stealing user data
The malware uses a vulnerability in the IoT devices’ firmware to infect them, allowing it to spread rapidly and remain hidden from detection.
Impact
The botnet is estimated to have affected SOHO routers and IP cameras from various manufacturers, including:
- TP-Link
- Netgear
- D-Link
- Linksys
Experts warn that the malware’s presence in these devices puts millions of users at risk of data breaches, as well as potential loss of internet connectivity and service outages.
Remedy
To protect your devices from this botnet, it is recommended that users:
- Update their device’s firmware to the latest version
- Change default passwords and use strong passwords
- Disable UPnP (Universal Plug and Play) and enable firewalls
- Use anti-malware software and a reputable antivirus program
Investigation
Chinese authorities have been notified and are investigating the source of the malware and the identity of the individuals responsible.
Quote
"This is a serious issue that affects a large number of devices, and we urge all affected users to take immediate action to secure their devices," said a spokesperson from BleepingComputer.
Stay tuned for further updates as this story develops. In the meantime, keep your devices secure and updated to avoid falling victim to this botnet.
https://www.bleepingcomputer.com/ne…0-000-routers-ip-cameras-with-botnet-malware/
Emphasis in brackets was mine.
This includes models by:
Actiontec
Asus RT-*/GT-*/ZenWifi
DrayTek Vigor
Mikrotik
Ruckus
Ruijie
Tenda
TOTOLINK
TP-Link
VPNT iGate