AryStinger Botnet Uses Intranet Scanning and Traffic Tunneling to Hide Attacker Activity

A newly analyzed botnet family, AryStinger, weaponizes long‑neglected routers and NAS appliances to build a stealthy reconnaissance and relay infrastructure that helps attackers obscure origin and extend lateral reach. AryStinger leverages decade‑old vulnerabilities in RTL819X‑based routers and a more feature‑rich…