Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks

An active malware campaign is exploiting two zero-day flaws to incorporate routers and video recorders into a Mirai-based DDoS botnet, nicknamed InfectedSlurs. The malware targets routers and network video recorder (NVR) devices with default admin credentials, according to Akamai. The attackers remain unidentified and the specific vulnerabilities are kept hidden to allow for patch publication. The botnet’s command and control servers use racial slurs and offensive language. It’s linked to the hailBot Mirai variant, which surfaced in September 2023.