A new variant of the Mirai botnet has been identified as targeting DigiEver DS-2105 Pro DVRs, exploiting a vulnerability that allows attackers to commandeer the devices. The botnet, known as 'Hail Cock Botnet', has been active since September 2024, compromised devices in the wild, particularly IoT devices, and incorporated improved encryption with ChaCha20 and XOR decryption algorithms. This campaign involved exploiting unpatched RCE vulnerabilities, with the outdated DigiEver DS-2105 Pro DVR being ten years old and therefore likely lacking updates from the manufacturer. It signifies a lack of security measures for retired or aging hardware, resulting in the botnet's ability to proliferate and potentially bring about further malicious activity.
Source: https://securityaffairs.com/172345/malware/mirai-botnet-targets-digiever-ds-2105-pro-dvrs.html
"id": "dig000123124",
"linkid": "digiever-corp-",
"type": "Cyber Attack",
"date": "12/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"