Old CCTV Cameras Create New Opportunities for Mirai Botnet Variant Exploitation

Posted on By John Neff No Comments on Old CCTV Cameras Create New Opportunities for Mirai Botnet Variant Exploitation
Day
00
–:–
Post Activated

A newly discovered vulnerability in older closed-circuit TV (CCTV) cameras has given rise to fresh attacks by a variant of the notorious Mirai botnet. This vulnerability, found in internet-facing devices, allows hackers to add these cameras to botnets, which are then used to flood websites with junk traffic, causing disruptions.

Cybersecurity experts at Akamai have identified that a variant of the Mirai malware, known as Corona, is exploiting a zero-day flaw in CCTV cameras manufactured by the Taiwan-based company AVTECH. The vulnerability, now tracked as CVE-2024-7029, enables attackers to remotely control the cameras by injecting malicious code. The flaw was found in the “brightness” setting of these cameras.

Despite being outdated and discontinued, these camera models are still widely in use globally, including in critical infrastructure sectors like transportation. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory earlier this August, highlighting the simplicity of the attack, its remote exploitability, and the fact that it has already been publicly exploited.

CISA also noted that AVTECH did not cooperate with the agency to mitigate this and other vulnerabilities in their devices. According to Akamai, this latest Mirai botnet campaign is not limited to CVE-2024-7029 but also targets several other AVTECH vulnerabilities.

This campaign is part of a concerning trend where attackers exploit older, unpatched vulnerabilities that are often overlooked. The Mirai Corona variant’s first observed active campaign began on March 18, with evidence suggesting activity as far back as December 2023.

The vulnerability, although publicly known since 2019, wasn’t officially recognized and assigned a CVE identifier until August 2024. The formal CVE assignment is crucial as it helps organizations identify and address the vulnerability. Akamai researchers emphasized that even without a formal CVE, such vulnerabilities pose significant threats, as attackers continue to exploit them for malicious purposes.

Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com

Blogging, Cybersecurity, Digital Threats, Infrastructure Security, Internet of Things (IoT), Network Security, Technology, Threat Intelligence, Uncategorized, Vulnerability Management Tags:, , , , , , , , , , , , , , , , ,

Related Posts

Kimsuky Strikes Again Blogging
TRJ CYBERSECURITY INTEL REPORT — BLACKLINE ADDENDUM #DataBackup
Until Tomorrow Blogging
FBI Philadelphia Issues Warning to International Students Over Law Enforcement Impersonation Scam Targeting Chinese Nationals Blogging
EU President Condemns Russian Disinformation Targeting Western Balkans Blogging
The Power of a Well-Written Blog Post: Revealing the Truth of Personality Blogging

Leave a Reply

Discover more from The Realist Juggernaut

Subscribe now to keep reading and get access to the full archive.

Continue reading