Cybersecurity researchers have uncovered a sophisticated VoIP router botnet exploiting weak default passwords and Telnet vulnerabilities, initially targeting rural New Mexico before expanding worldwide. The attack primarily involved IoT devices, including Cambium Networks hardware, illustrating the ongoing risks of insecure internet-connected systems. #Mirai #VoIPSecurity
Keypoints
- The botnet exploited VoIP-enabled routers through default password attacks and Telnet brute-force techniques.
- The initial activity was detected in rural New Mexico, specifically targeting devices connected to the Pueblo of Laguna Utility Authority.
- Research indicated that affected systems displayed behaviors similar to the Mirai botnet, including high-volume login attempts.
- Many targeted devices operated on outdated Linux firmware, with some Cambium routers vulnerable to known exploits from 2017.
- Experts recommend auditing Telnet access, disabling default credentials, and updating device firmware to prevent future compromises.
Read More: https://gbhackers.com/new-voip-botnet-targets-routers/