Hackers Exploiting 0-day RCE Flaws to Deploy Mirai Malware

Cybersecurity firm Akamai SIRT has reported increased activity in their honeypots targeting a rarely-used TCP port, leading them to discover hackers actively exploiting 0-day RCE flaws to deploy Mirai malware. The researchers linked the activity to a specific NVR manufacturer and wireless LAN routers for residential use and hotels. This recent wave of Mirai botnet activity, specifically the JenX variant, is believed to exploit IoT devices using a video game as cover. The NVR manufacturer has acknowledged the exploit and plans to roll out a fix by December 2023.