A recent report by Akami experts highlights a troubling trend: the exploitation of a five-year-old zero-day vulnerability in end-of-life IP cameras by the Corona Mirai-based malware botnet. This blog delves into the details of this issue, its implications, and the broader lessons it offers for cybersecurity.
The Vulnerability in AVTECH IP Cameras
The specific target of this malware campaign is AVTECH IP cameras, which have been out of support since 2019. These cameras are no longer receiving security patches, making them prime targets for cybercriminals. The vulnerability in question is a remote code execution (RCE) zero-day, which allows attackers to inject malicious commands into the camera’s firmware via the network. This particular exploit leverages the ‘brightness’ function in the camera’s firmware, a seemingly harmless feature that has become a gateway for malicious activity.
The Corona Mirai-Based Malware Botnet
The Corona Mirai-based malware botnet is a variant of the infamous Mirai botnet, which has been responsible for some of the most significant distributed denial of service (DDoS) attacks in recent history. By exploiting the RCE vulnerability in AVTECH IP cameras, the malware can gain con
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.