QNAP VioStor NVR vulnerability actively exploited by malware botnet

A Mirai-based botnet called ‘InfectedSlurs’ is exploiting a vulnerability in QNAP VioStor NVR devices, making them part of its DDoS swarm. Found by Akamai’s SIRT in 2023, InfectedSlurs was exploiting zero-day vulnerabilities in routers and NVR devices. Patches for these vulnerabilities have since been released by relevant vendors, and Akamai has published follow-up reports. InfectedSlurs targets legacy VioStor NVR models which have not updated their firmware. Outdated models should be replaced for security updates to take effect.