DigiEver Fix That IoT Thing!

SUMMARY :

In mid-November 2024, the Akamai SIRT discovered an uptick in activity targeting the URI /cgi-bin/cgi_main.cgi in our global network of honeypots. This activity appears to be part of a recent ongoing Mirai-based malware campaign dating back to at least October 2024. Further investigation into this campaign revealed a new botnet that calls itself the “Hail C*ck Botnet” that’s been active since at least September 2024. Using a Mirai malware variant that incorporates ChaCha20 and XOR decryption algorithms, it has been seen compromising vulnerable Internet of Things (IoT) devices in the wild, such as the DigiEver DVR, and TP-Link devices through CVE-2023-1389.

OPENCTI LABELS :

mirai,iot,tp-link,digiever


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


DigiEver Fix That IoT Thing!