Murdoc Botnet Ensnaring Avtech, Huawei Devices

A new variant of the Mirai malware has been observed exploiting vulnerabilities in Avtech cameras and Huawei routers to ensnare the devices into a botnet, security firm Qualys reports.

Dubbed Murdoc Botnet, the malware has been actively targeting Avtech and Huawei devices for roughly six months. According to Qualys, at least 1,300 IPs have been active as part of the campaign.

The botnet’s operators use more than 100 servers for command-and-control (C&C), which are tasked with establishing communication with the compromised hosts and with distributing the Mirai malware.

Murdoc has been targeting Avtech AVM1203 IP cameras affected by CVE-2024-7029, a high-severity bug leading to remote code execution (RCE).

The issue came to light on August 1, 2024, when the US cybersecurity agency CISA warned that it had been exploited in the wild as a zero-day and that Avtech had not responded to attempts to get the bug patched ...