A new Mirai-based Broadside botnet is actively targeting vulnerable TBK Vision DVR devices to coordinate large-scale DDoS attacks. This threat is particularly concerning for the maritime logistics sector, given the potential access to vessel systems.
Key points
- The Broadside botnet exploits a remote code execution flaw in certain DVR models from TBK Vision and rebranded devices.
- The vulnerability CVE-2024-3721 was publicly disclosed in April 2024, with proof-of-concept code already available.
- Over 50,000 DVR devices worldwide have been exposed, with infections reported across multiple countries.
- Broadside employs in-memory malware loading, custom C&C protocols, and process-killing modules to evade detection and maintain control.
- The targeted DVRs are used on ships, posing risks of cyber-espionage, communication disruption, and lateral network movement in maritime systems.
Read More: https://www.securityweek.com/new-broadside-botnet-poses-risk-to-shipping-companies/