AVTECH and Huawei

The Murdoc Botnet, targeting AVTECH IP cameras and Huawei HG532 routers through vulnerabilities, including CVE-2024-7029 and CVE-2017-17215, has compromised devices mainly in Malaysia, Thailand, Mexico, and Indonesia to create a Mirai botnet variant. Over 1300 IPs have been affected, and with the discovery of over 100 servers distributing Mirai malware, the scale of the issue is significant. The botnet leverages command-line injection and GTFOBins to load, execute, and manage payloads, potentially leading to widespread disruption and unauthorized access across a multitude of IoT devices, threatening the integrity and security of impacted systems.

Source: https://securityaffairs.com/173294/cyber-crime/new-mirai-botnet-variant-murdoc-botnet-targets-avtech-ip-cameras-and-huawei-hg532-routers.html

"id": "cen001013025",
"linkid": "censysio",
"type": "Ransomware",
"date": "1/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"