
CVE-2022-26210 TOTOLINK Vulnerability Exploited by Beastmode Botnet

Another variant of the infamous Mirai botnet is circulating on the web, exploiting a list of specific vulnerabilities in TOTOLINK routers.

The critical vulnerabilities are relatively new, disclosed between February and March 2022. The affected platform is Linux. By exploiting the vulnerabilities, remote attackers could gain control over exposed systems, according to FortiGuard Labs researchers (Fortinet).

The researchers have dubbed the Mirai-based campaign observed in that period Beastmode, saying that it aggressively updated its arsenal of exploits by adding five new vulnerabilities in TOTOLINK routers.




CVE-2022-26210, CVE-2022-25075 to 84, CVE-2022-26186 in TOTOLINK Routers

The vulnerabilities are the following, as disclosed by FortiGuard:

  • CVE-2022-26210 targeting TOTOLINK A800R, A810R, A830R, A950RG, A3000RU, and A3100R;
  • CVE-2022-26186 targeting TOTOLINK N600R and A7100RU;
  • CVE-2022-25075 to CVE-2022-25084 (25076/25077/25078/25079/25080/25081/25082/25083/25084) – a family of similar vulnerabilities targeting TOTOLINK A810R, A830R, A860R, A950RG, A3100R, A3600R, T6, and T10 routers.

“The inclusion of TOTOLINK exploits is especially noteworthy as they were added just a week after the exploit codes were published on GitHub. We previously reported on the MANGA campaign, which similarly adopted exploit code within weeks of their release,” the report said.

Threat actors are quick to adopt newly released exploit code, thus increasing the number of potential victims and devices included in the Beastmode DDoS botnet. Fortunately, the router vendor (TOTOLINK) has already released updated firmware that fixes the issues. Owners of the affected routers are urged to update their firmware as soon as possible.

Other Mirai-based botnets leveraging different exploits include Yowai and Masuta.

Milena Dimitrova
