On December 11, 2024, Juniper Networks reported that a Mirai botnet was targeting Session Smart Router (SSR) products by exploiting devices with default passwords. The malicious actors compromised the SSR devices and used them to launch DDoS attacks against other devices. The systems infected with the Mirai malware displayed signs of unusual activity such as port scanning, failed SSH logins, spikes in outbound traffic, and connections from malevolent IP addresses. Juniper Networks urged customers to bolster security by changing default credentials, using strong passwords, monitoring access logs, utilizing firewalls and IDS/IPS, and updating firmware to mitigate against such threats.
Source: https://securityaffairs.com/172157/malware/juniper-networks-mirai-botnet.html
"id": "jun000122124",
"linkid": "juniper-networks",
"type": "Ransomware",
"date": "12/2024",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"