FROM THE CROW'S NEST: "Unmasking the New Zero-Day Botnet Plague on the Cyber Seas"


Ahoy, digital corsairs! Gather around in the crow's nest, for I've spotted some turbulent seas ahead in the cyber realm. Our latest voyage through the treacherous waters of the internet has uncovered a menacing wave - a new botnet, dubbed InfectedSlurs - akin to the dreaded Mirai, lurking and ready to pounce on unsuspecting victims.

The Akamai Security Intelligence Response Team (SIRT) has been on the lookout, tracking this threat since late 2022. Their vigilance revealed two zero-day vulnerabilities being exploited in the wild, leading to the creation of a Distributed Denial-of-Service (DDoS) botnet. This botnet specifically targets routers and Network Video Recorder (NVR) devices with default admin credentials to implant Mirai variants.

In late October 2023, the Akamai SIRT noted a surge in attempts to breach a rarely used TCP port. These attempts, initially aimed at authentication via a POST request, escalated to command injection exploits upon successful entry. Investigation pinpointed a specific HTTP exploit path and targeted port. The payloads indicated the targeted devices might be CCTV/NVR/DVR/security camera devices. Further probing confirmed this, as the plaintext credentials in the exploit payload matched default administrative credentials documented by an NVR manufacturer across multiple product manuals.
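The sequence described above, a POST login on an unexpected port followed by command injection from the same source, can be hunted for in device or proxy logs. The sketch below is an added example, not Akamai's code: the log format, port 9999, the /login and /config paths and every sample record are constructed placeholders, because this page does not name the real port or path.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import unquote_plus

# Constructed sample records, not taken from the Akamai report.
# Fields: time, source IP, destination port, method, path, status, body.
SAMPLE_LOG = """\
2023-10-25T03:14:07 203.0.113.7 9999 POST /login 200 user=admin&pass=admin
2023-10-25T03:14:09 203.0.113.7 9999 POST /config 200 ntp=pool.example%3Buname -a
2023-10-25T03:20:00 192.0.2.44 9999 POST /login 401 user=admin&pass=guess
2023-10-25T03:21:00 192.0.2.44 9999 POST /config 401 ntp=a;id
2023-10-25T04:00:00 192.0.2.80 9999 POST /login 200 user=operator&pass=S3cret
2023-10-25T04:00:30 192.0.2.80 9999 POST /config 200 ntp=pool.example
"""

EXPECTED_PORTS = {80, 443, 8080, 8443}     # assumption: ports this site normally serves
LOGIN_PATH = "/login"                      # placeholder path
SHELL_META = re.compile(r"[;|`]|\$\(|&&")  # shell metacharacters in a parameter value


def find_login_then_injection(log_text, window=timedelta(minutes=5)):
    """Return alerts where a source logs in with POST on an unexpected port
    and then, within `window`, sends a request body with shell metacharacters."""
    last_login = {}  # (source, port) -> time of last accepted login
    alerts = []
    for line in log_text.splitlines():
        parts = line.split(None, 6)
        if len(parts) < 7:
            continue  # skip malformed records
        ts, src, port, method, path, status, body = parts
        when, port = datetime.fromisoformat(ts), int(port)
        if method != "POST" or status != "200" or port in EXPECTED_PORTS:
            continue
        key = (src, port)
        if path == LOGIN_PATH:
            last_login[key] = when
        elif key in last_login and when - last_login[key] <= window:
            decoded = unquote_plus(body)  # payloads may arrive URL-encoded
            if SHELL_META.search(decoded):
                alerts.append({"src": src, "port": port, "path": path,
                               "login": last_login[key], "request": when})
    return alerts


if __name__ == "__main__":
    for alert in find_login_then_injection(SAMPLE_LOG):
        print(alert)
```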

The SIRT discovered a new zero-day exploit during this process, and through responsible disclosure, they're working with the vendor on a fix expected in December 2023. Meanwhile, a second zero-day exploit was identified, targeting an outlet-based wireless LAN router used in hotels and residential applications. Again, a fix is anticipated in December 2023.

These revelations underscore the importance of cybersecurity vigilance and the need for constant monitoring and updating of security protocols. The murky waters of the internet are filled with threats, but with a keen eye and swift action, we can navigate these challenges and keep our digital ships safe. For the full tale of this digital storm, set your course to Akamai's detailed blog post on this topic right here. Stay alert and safe sailing, cyber corsairs! 🏴‍☠️💻⚔️🌊
