Executive summary
  • A vulnerability in DigiEver DS-2105 Pro DVRs is being exploited to spread malware.
  • The Akamai Security Intelligence Research Team (SIRT) noticed this activity in their honeypots on November 18, 2024.
  • The vulnerability was originally discovered by Ta-Lun Yen and a CVE identifier has been requested by the Akamai SIRT.
  • The malware is a Mirai variant that has been modified to use improved encryption algorithms.
  • We have included a list of indicators of compromise (IoCs) in this blog post to assist in defense against this threat.
  • slazer2au
    link
    17 hours ago

    Further investigation into this campaign revealed a new botnet that calls itself the “Hail Cock Botnet” that’s been active since at least September 2024.

    Ha! Nice name.