• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
beastmode ddos botnet exploiting new totolink bugs to enslave more

Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers

You are here: Home / General Cyber Security News / Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers
April 4, 2022

A variant of the Mirai botnet named Beastmode has been observed adopting newly disclosed vulnerabilities in TOTOLINK routers amongst February and March 2022 to infect unpatched gadgets and grow its attain most likely.

“The Beastmode (aka B3astmode) Mirai-based DDoS marketing campaign has aggressively updated its arsenal of exploits,” Fortinet’s FortiGuard Labs Investigate staff reported. “Five new exploits were added within just a month, with three focusing on numerous types of TOTOLINK routers.”

The listing of exploited vulnerabilities in TOTOLINK routers is as follows –

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


  • CVE-2022-26210 (CVSS score: 9.8) – A command injection vulnerability that could be exploited to achieve arbitrary code execution
  • CVE-2022-26186 (CVSS rating: 9.8) – A command injection vulnerability affecting TOTOLINK N600R and A7100RU routers, and
  • CVE-2022-25075 to CVE-2022-25084 (CVSS scores: 9.8) – A command injection vulnerability impacting several TOTOLINK routers, major to code execution

CyberSecurity

The other exploits qualified by Beastmode contain flaws in TP-Hyperlink Tapo C200 IP camera (CVE-2021-4045, CVSS score: 9.8), Huawei HG532 routers (CVE-2017-17215, CVSS rating: 8.8), online video surveillance methods from NUUO and Netgear (CVE-2016-5674, CVSS rating: 9.8), and discontinued D-Url goods (CVE-2021-45382, CVSS score: 9.8).

Beastmode DDoS Botnet

To protect against afflicted versions from getting taken over the botnet, buyers are strongly advisable to update their equipment to the most up-to-date firmware.

“Even though the primary Mirai writer was arrested in tumble 2018, [the latest campaign] highlights how danger actors, such as people driving the Beastmode campaign, keep on to speedily integrate recently revealed exploit code to infect unpatched equipment making use of the Mirai malware,” the scientists stated.

Located this short article intriguing? Observe THN on Facebook, Twitter  and LinkedIn to examine far more exclusive material we put up.


Some elements of this report are sourced from:
thehackernews.com

Previous Post: «Cyber Security News 15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks
Next Post: Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums experts shed light on blackguard infostealer malware sold on russian»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • CISA Unveils Ransomware Notification Initiative
  • WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites
  • GitHub Updates Security Protocol For Operations Over SSH
  • Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
  • Some GitHub users must take action after RSA SSH host key exposed
  • THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
  • Pension Protection Fund confirms employee data exposed in GoAnywhere breach
  • GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
  • Now UK Parliament Bans TikTok from its Network and Devices
  • IRS Phishing Emails Used to Distribute Emotet

Copyright © TheCyberSecurity.News, All Rights Reserved.