A new botnet called RondoDox has been aggressively exploiting over 56 vulnerabilities across various IoT devices and web servers since June, using a broad “exploit shotgun” approach. The malware mainly targets devices such as routers, DVRs, and cameras, leveraging recent and older zero-day flaws, including those demonstrated at Pwn2Own events.
Key points
- RondoDox has targeted over 56 vulnerabilities across more than 30 device types since June.
- The botnet exploits CVE-2024-3721 and CVE-2024-12856, among other recent flaws.
- The malware uses an “exploit shotgun” strategy to maximize infection attempts across multiple vulnerabilities simultaneously.
- It heavily targets devices whose flaws were demonstrated at Pwn2Own hacking competitions, such as TP-Link routers affected by CVE-2023-1389.
- Users are advised to update firmware, replace end-of-life devices, and segment networks to mitigate risks.