Cybersecurity researchers have identified RondoDox, a new botnet that targets vulnerable TBK DVRs and Four-Faith routers by exploiting security flaws in those devices. The malware uses advanced techniques to stealthily control devices, perform DDoS attacks, and hide command-and-control traffic by mimicking legitimate platform traffic. #CVE-2024-3721 #CVE-2024-12856 #RondoDox #Mirai #IoTThreats
Key points
- RondoDox is a new malware campaign targeting vulnerable DVRs and routers to form a botnet.
- The malware exploits specific security vulnerabilities, such as CVE-2024-3721 and CVE-2024-12856.
- It uses multi-architecture droppers and evasive techniques, including mimicking the traffic of popular platforms.
- The botnet is capable of launching DDoS attacks and hiding command traffic to evade detection.
- RondoDox can maintain persistence, terminate security tools, and rename system files to hinder recovery efforts.
Read More: https://thehackernews.com/2025/07/rondodox-botnet-exploits-flaws-in-tbk.html