A brand-new Mirai variant has been spotted exploiting nine vulnerabilities.

What’s going on?

  • The new variant has been designed to exploit flaws in routers, DVRs, IP cameras, and products from vendors such as AVTech, Symantec, Comtrend, MV Power, and D-Link.
  • Among the nine vulnerabilities, one is a remote code execution (RCE) flaw in a Comtrend router model, tracked as CVE-2020-10173.
  • Another flaw spotted is an RCE issue in Netlink GPON Router 1.0.11 that has already been exploited by a Bashlite strain.

Capabilities

  • The new variant uses Telnet and Secure Shell (SSH) brute-forcing techniques to gain control of vulnerable devices.
  • It also uses XOR encryption to hide the credentials used to attack the targeted systems.
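
A defender can look for the SSH side of this brute-forcing in authentication logs. The following is an added example, not code from the original article: it flags source addresses that produce a burst of failed logins across several usernames. The log lines are constructed samples in OpenSSH's syslog format, and the function name, thresholds and year value are assumptions to tune per environment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in OpenSSH syslog format; addresses are documentation ranges.
SAMPLE_LOG = """\
Jul 10 03:14:01 cam01 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
Jul 10 03:14:03 cam01 sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
Jul 10 03:14:04 cam01 sshd[813]: Failed password for invalid user support from 203.0.113.7 port 40131 ssh2
Jul 10 03:14:06 cam01 sshd[814]: Failed password for root from 203.0.113.7 port 40144 ssh2
Jul 10 03:14:09 cam01 sshd[815]: Failed password for invalid user guest from 203.0.113.7 port 40150 ssh2
Jul 10 03:14:12 cam01 sshd[816]: Failed password for invalid user user from 203.0.113.7 port 40163 ssh2
Jul 10 08:30:10 cam01 sshd[901]: Failed password for alice from 198.51.100.20 port 51514 ssh2
Jul 10 08:30:25 cam01 sshd[901]: Failed password for alice from 198.51.100.20 port 51514 ssh2
Jul 10 08:30:41 cam01 sshd[901]: Accepted password for alice from 198.51.100.20 port 51514 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

def find_bruteforce(log_text, window=timedelta(seconds=60),
                    min_failures=5, min_users=3, year=2020):
    """Return {ip: {"failures": n, "users": [...]}} for dictionary-style bursts."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            # Syslog timestamps omit the year, so an assumed one is supplied.
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events[m["ip"]].append((ts, m["user"]))
    flagged = {}
    for ip, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until the burst fits in `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            burst = evs[start:end + 1]
            users = sorted({user for _, user in burst})
            # Many failures over several usernames suggests a credential list,
            # unlike one user mistyping their own password.
            if len(burst) >= min_failures and len(users) >= min_users:
                if len(burst) > flagged.get(ip, {"failures": 0})["failures"]:
                    flagged[ip] = {"failures": len(burst), "users": users}
    return flagged

if __name__ == "__main__":
    print(find_bruteforce(SAMPLE_LOG))
```

Requiring several distinct usernames keeps a single user's repeated typos, like the second source in the sample, out of the results.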

Other vulnerabilities exploited


Closing words

The bottom line is that botnet developers frequently upgrade their arsenal to cause maximum damage. Proactively analyzing emerging threats and building defenses against them is therefore the advisable approach.

Cyware Publisher
