FlagThis

Multiple botnets, including FICORA (Mirai variant) and CAPSAICIN (Kaiten variant), are actively exploiting known vulnerabilities in older D-Link routers to conduct DDoS attacks and propagate malware. These botnets target vulnerabilities in the HNAP interface, allowing remote attackers to execute malicious commands. The ongoing attacks highlight the persistent risks associated with outdated and unpatched devices, emphasizing the need for users to update or replace vulnerable equipment immediately.

The BADBOX malware campaign has compromised over 30,000 Android devices in Germany, including digital photo frames, media players and possibly smartphones. The malware is pre-installed on the devices, exploiting outdated Android versions. The German Federal Office for Information Security (BSI) has taken action to disrupt the communications between infected devices and command-and-control servers. This campaign highlights the risks associated with insecure supply chains and pre-installed malware on IoT devices, and emphasizes the need for rigorous security checks and device updates to prevent similar incidents.