Within just 10 days of the disclosure of two critical vulnerabilities in GPON router at least 5 botnet families have been found exploiting the flaws to build an army of million devices.
Security researchers from Chinese-based cybersecurity firm Qihoo 360 Netlab have spotted 5 botnet families, including Mettle, Muhstik, Mirai, Hajime, and Satori, making use of the GPON exploit in the wild.
Gigabit-capable Passive Optical Network (GPON) routers manufacturer by South Korea-based DASAN Zhone Solutions have been found vulnerable to an authentication bypass (CVE-2018-10561) and a root-RCE (CVE-2018-10562) flaws that eventually allow remote attackers to take full control of the device.
Researchers have published a new report, detailing 5 below-mentioned botnet families actively exploiting these issues:
- Mettle Botnet
- Muhstik Botnet
- Mirai Botnet
- Hajime Botnet
- Satori Botnet
Read more: The Hacker News