DigiEver

A new variant of the Mirai botnet has been identified targeting DigiEver DS-2105 Pro DVRs, exploiting a vulnerability that allows attackers to commandeer the devices. The botnet, known as 'Hail Cock Botnet', has been active since September 2024, has compromised devices in the wild, particularly IoT devices, and incorporates improved encryption with ChaCha20 and XOR decryption algorithms. The campaign involved exploiting unpatched RCE vulnerabilities; the DigiEver DS-2105 Pro DVR is ten years old and therefore likely lacks updates from the manufacturer. The incident reflects a lack of security measures for retired or aging hardware, which allows the botnet to proliferate and potentially carry out further malicious activity.

Source: https://securityaffairs.com/172345/malware/mirai-botnet-targets-digiever-ds-2105-pro-dvrs.html

TPRM report: https://scoringcyber.rankiteo.com/company/digiever-corp-

"id": "dig000123124",
"linkid": "digiever-corp-",
"type": "Cyber Attack",
"date": "12/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Electronics',
                        'name': 'DigiEver',
                        'type': 'Manufacturer'}],
 'attack_vector': 'RCE vulnerabilities',
 'data_breach': {'data_encryption': 'ChaCha20 and XOR decryption algorithms'},
 'date_detected': 'September 2024',
 'description': "A new variant of the Mirai botnet, known as 'Hail Cock "
                "Botnet', has been identified as targeting DigiEver DS-2105 "
                'Pro DVRs. This botnet exploits a vulnerability that allows '
                'attackers to commandeer the devices, incorporating improved '
                'encryption with ChaCha20 and XOR decryption algorithms. The '
                'campaign involves exploiting unpatched RCE vulnerabilities, '
                'with the outdated DigiEver DS-2105 Pro DVR being ten years '
                'old and therefore likely lacking updates from the '
                'manufacturer. This incident signifies a lack of security '
                'measures for retired or aging hardware, resulting in the '
                "botnet's ability to proliferate and potentially bring about "
                'further malicious activity.',
 'impact': {'systems_affected': 'DigiEver DS-2105 Pro DVRs'},
 'lessons_learned': 'Lack of security measures for retired or aging hardware',
 'motivation': 'Commandeer devices',
 'post_incident_analysis': {'root_causes': 'Unpatched RCE vulnerabilities in '
                                           'outdated hardware'},
 'threat_actor': 'Hail Cock Botnet',
 'title': 'Hail Cock Botnet Targeting DigiEver DS-2105 Pro DVRs',
 'type': 'Botnet',
 'vulnerability_exploited': 'Unpatched RCE vulnerabilities'}