A new botnet named RondoDox exploits over 50 vulnerabilities across various network devices, including routers, DVRs, and servers, to conduct malicious activities such as DDoS attacks and cryptocurrency mining. Its rapid expansion and use of sophisticated evasion techniques pose a significant threat to organizations with exposed network infrastructure.
#RondoDox #Mirai #Morte #CVE2023-1389 #TPLinkArcherAX21
Key points
- RondoDox targets over 50 vulnerabilities across more than 30 device vendors.
- The botnet exploits critical flaws such as CVE-2023-1389 in TP-Link routers, along with other flaws in DVRs and routers.
- It is used for cryptocurrency mining, DDoS attacks, and hacking into enterprise networks.
- RondoDox employs techniques such as infrastructure rotation and payload co-packaging with Mirai and Morte.
- The widespread impact emphasizes the need for timely patching of high-severity vulnerabilities.
Read More: https://www.securityweek.com/rondodox-botnet-takes-exploit-shotgun-approach/