Botnets Continue to Target Aging D-Link Vulnerabilities
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
Two botnets, FICORA and CAPSAICIN, have been exploiting long-standing vulnerabilities in D-Link routers to spread globally. FICORA, a Mirai variant, uses a shell script to download and execute malware on various Linux architectures, incorporating DDoS attack functions. CAPSAICIN, likely based on the Keksec group's botnets, also targets multiple Linux architectures and includes DDoS capabilities. Both botnets exploit weaknesses in the HNAP interface of affected D-Link devices, demonstrating the persistent threat posed by unpatched vulnerabilities. The attackers use servers in the Netherlands and target countries worldwide, with CAPSAICIN focusing on East Asian countries. Regular device updates and comprehensive monitoring are crucial for mitigating these threats.
OPENCTI LABELS :
botnet,ddos,mirai,d-link,ficora,capsaicin,hnap
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Botnets Continue to Target Aging D-Link Vulnerabilities