The Gayfemboy botnet has been exploiting a vulnerability in Four-Faith industrial routers since November 2024 to launch DDoS attacks. This botnet variant, using the Mirai codebase, has integrated N-day and 0-day exploits and has been attacking with over 15,000 daily active nodes. The attacks have targeted various global entities including the U.S and China and have resulted in blackholing traffic and disabling services due to the overwhelming network resources consumed by DDoS. The botnet targets several vulnerabilities across different devices and has disrupted not only Four-Faith routers but also affected other devices like Neterbit routers and Vimar smart home devices. The severity of this attack is predominantly on network resources, causing significant disruption.
Source: https://securityaffairs.com/172805/malware/gayfemboy-mirai-botnet-four-faith-flaw.html
"id": "xia000011425",
"linkid": "xiamen-four-faith-communication-technology-co-ltd",
"type": "Vulnerability",
"date": "1/2025",
"severity": "100",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"