New Aquabot Variant Targeting Mitel SIP Phones
NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY :
A new variant of the Mirai-based malware, Aquabot, dubbed Aquabotv3, is actively exploiting Mitel SIP phones through CVE-2024-41710. This variant introduces a novel feature for Mirai-based botnets: reporting back to the command and control server when kill signals are caught on infected devices. The malware spreads through various vulnerabilities, including Hadoop YARN, and targets IoT devices. It's being advertised as a DDoS-as-a-service on platforms like Telegram. The botnet's unique signal handling could be used to observe defensive activities or detect disruptions from competing botnets.
OPENCTI LABELS :
botnet,ddos,mirai,iot,cve-2018-10562,cve-2018-10561,aquabotv3,cve-2022-31137,aquabot,cve-2018-17532,cve-2023-26801,cve-2024-41710
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
New Aquabot Variant Targeting Mitel SIP Phones