Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30 vendors.

RondoDox’s expanded arsenal of exploits includes nearly five dozen security flaws, out of which 18 don’t have a CVE identifier assigned. The 56 vulnerabilities span various vendors such as D-Link, TVT, LILIN, Fiberhome, Linksys, BYTEVALUE, ASMAX, Brickcom, IQrouter, Ricon, Nexxt, NETGEAR, Apache, TBK, TOTOLINK, Meteobridge, Digiever, Edimax, QNAP, GNU, Dasan, Tenda, LB-LINK, AVTECH, Zyxel, Hytec Inter, Belkin, Billion, and Cisco.

More recently, RondoDox broadened its distribution by using a ‘loader-as-a-service’ infrastructure that co-packages RondoDox with Mirai/Morte payloads – making detection and remediation more urgent, Trend Micro said.

To read the complete article see: The Hacker News