Hackers have created a new variant of the IoT/Linux botnet “Tsunami” that exploits a year-old but as yet unresolved vulnerability.
The Amnesia botnet targets an unpatched remote code execution vulnerability that was publicly disclosed more than a year ago in DVR (digital video recorder) devices made by TVT Digital and branded by over 70 vendors worldwide.
The vulnerability affects around 227,000 devices worldwide with Taiwan, the United States, Israel, Turkey, and India being the most exposed.
The Amnesia botnet is yet to be use to mount a large-scale attack but the potential for harm is very real.
“Amnesia exploits this remote code execution vulnerability by scanning for and attacking vulnerable systems. “A successful attack results in Amnesia gaining full control of the device.
Attackers could potentially harness the Amnesia botnet to launch wide ranging DDoS attacks similar to the Mirai botnet attacks that were seen in the latter half of 2016.Amnesia BotNet