January 21, 2025 By Pierluigi Paganini
Researchers warn of a campaign exploiting AVTECH IP cameras and Huawei HG532 routers to create a Mirai botnet variant called Murdoc Botnet.
Murdoc Botnet is a new Mirai botnet variant that targets vulnerabilities in AVTECH IP cameras and Huawei HG532 routers, the Qualys Threat Research Unit reported.
The botnet has been active since at least July 2024, the experts discovered that over 1300 IPs were found active on this campaign. Most of the infected systems are in Malaysia, Thailand, Mexico, and Indonesia.
Researchers found over 100 servers distributing Mirai malware and communicating with compromised IPs, indicating the campaign is ongoing.
“Mirai malware, here dubbed as Murdoc Botnet, is a prominent malware family for *nix systems. It mainly targets vulnerable AVTECH and Huawei devices. This botnet also uses some existing exploits (CVE-2024-7029, CVE-2017-17215) to download the next-stage payloads.” reads the advisory.