Businesses should patch their TP-Link routers as soon as possible after the legendary IoT botnet became a target for adoption.
The infamous Mirai botnet, which hijacks control of vulnerable IoT devices, is currently exploiting TP-Link Archer AX21 routers to launch distributed denial of service (DDoS) attacks.
The warning comes after a security flaw in the TP-Link Archer AX21 Wi-Fi router was identified as being actively exploited to allow malicious hackers to execute it, with security researchers From the US Government Cybersecurity and Infrastructure Security Agency (CISA). malicious code remotely.
The high-severity security vulnerability was first disclosed by bug hunters at the Pwn2Own hacking contest in Toronto in December 2022, winning a US$5,000 prize.
This revelation prompted TP-Link to issue a firmware update (which did not properly fix the issue) two months later, followed by another update (which resolved the vulnerability) in March 2023. became.
Unfortunately, malicious hackers seem to have wasted no time in building an exploit for this vulnerability (dubbed CVE-2023-1389) into Mirai’s arsenal.
The only recommended action to prevent exploitation of vulnerable TP-Link routers is to update them with the latest firmware updates that close security holes.
The Mirai botnet launched a massive DDoS attack against DNS service company Dyn in October 2016, causing many users to access popular sites such as Amazon, Reddit, Netflix, Twitter, Soundcloud, and Spotify. When it became impossible, it first attracted wide global attention. , Etsy, Github.
Three men have since been convicted of running the Mirai botnet.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire.
