FortiGuard uncovers DDoS botnet targeting vulnerable TP-Link routers

FortiGuard Labs has discovered Condi, a new DDoS botnet that is targeting vulnerable TP-Link Archer AX21 (AX1800) routers. The botnet exploits a flaw in the routers’ web-based interface that allows attackers to remotely execute malware.

The flaw, tracked as CVE-2023-1389, is a high-severity bug in these Linux-based devices. Once infected, routers join the botnet and may be used to perform DDoS attacks against websites and other internet services. The botnet can also detect and remove other malicious programs running on compromised routers.

Condi is offering the option to buy the source code for two versions of its botnet: “standard” and “private.” The standard version scans the internet for vulnerable TP-Link routers and infects them with a remote shell script. However, Condi cannot stay active after a reboot, so it deletes certain Linux files related to rebooting. It also has a process ID scanner meant to remove other malicious processes, but according to FortiGuard researchers this feature is flawed and does not work properly.

TP-Link has released a firmware update that addresses the vulnerability.

The sources for this piece include an article in TechSpot.
