Watch out – Your DVR box can be directed by one of the dirtiest botnets there are
- Advertisement -
Related Posts
- Advertisement -
- Kaspersky warns that multiple DVR devices are the target of malware
- The malware assimilates the devices in a botnet, so that DDOS and Proxy options are assigned
- The victims are spread all over the world, and there seems to be no patch
If you use TBK DVR-4104, DVR-4216 or a digital video recording device that uses these authorities as a basis, you want to keep an eye on your hardware because it is actively hunted.
Cyber security researchers from Kaspersky claim that they have seen a year old vulnerability in these devices that are being abused to expand the dreaded Mirai Botnet.
In April 2024, security researchers found a command injection error in the aforementioned devices. According to the NVDThe error is followed as CVE-2024-3721 and received a serious score of 6.3/10 (medium). It can be activated remotely and the attackers grant full control over the vulnerable end point. Shortly after discovery, the error also received a proof-of-concept (POC) exploit.
Victims around the world
Now, a year later, Kaspersky says it saw that the same POC was used to expand the Mirai botnet. The attackers use the bug to drop an arm32 malware who assimilates the device and grants the owners the opportunity to perform distributed Denial of Service (DDOS) attacks, proxy malignant traffic and more.
The majority of the victims that Kaspersky sees are located in China, India, Egypt, Ukraine, Russia, Turkey and Brazil. As a Russian company, however, Kaspersky’s products are prohibited in many Western countries, so the analysis can be somewhat skewed.
The number of potentially vulnerable devices was more than 110,000 in 2024 and has since fallen to around 50,000. Although definitely an improvement, this still means that the attack area is quite large.
Usually, when such a vulnerability is discovered, a patch will follow quickly. Several media sources, however, claim that it is “unclear” if makers have solved TBK Vision de Bug.
Cyber sinsider Reports that multiple brands from third parties use these devices as the basis for their models, which further complicate the availability of patch and explain that “it is very likely that there is no patch for most.”
Some brands are Novo, Cenova, Qsee, Pulnix, XVR 5 in 1, Securus, Night Owl, DVR -Login and others.
Maybe you like it too
- Advertisement -
