![]() The attacks against Huawei HG532 devices were observed in several countries, including the USA, Italy, Germany, and Egypt.Įxperts observed that attacks attempt to exploit the CVE-2017-17215 zero-day vulnerability in the Huawei home router residing in the fact that the TR-064 technical report standard, which was designed for local network configuration, was exposed to WAN through port 37215 (UPnP – Universal Plug and Play). The malicious code was developed to target IoT devices, the Sartori version targets port 37215 on Huawei HG532 devices. Satori is an updated variant of the notorious Mirai botnet that was first spotted by the malware researchers MalwareMustDie in August 2016. The suspected threat actor behind the attack has been identified by his nickname, ‘Nexus Zeta’.” states the report published by Check Point security. ![]() The delivered payload has been identified as OKIRU /SATORI, an updated variant of Mirai.“A Zero-Day vulnerability (CVE-2017-17215) in the Huawei home router HG532 has been discovered by Check Point Researchers, and hundreds of thousands of attempts to exploit it have already been found in the wild.The activity of the Satori botnet has been observed over the past month by researchers from Check Point security.
0 Comments
Leave a Reply. |