Subj : Watch out - your DVR box could be targeted by one of the nastiest To : All From : TechnologyDaily Date : Tue Jun 10 2025 19:30:09 Watch out - your DVR box could be targeted by one of the nastiest botnets around Date: Tue, 10 Jun 2025 18:27:00 +0000 Description: Mirai operators are hunting for new devices, and are targeting a year-old bug, experts warn. FULL STORY ======================================================================Kaspersk y warns multiple DVR devices are being targeted with malware The malware assimilates the devices into a botnet, granting DDoS and proxy capabilities The victims are scattered all over the world, and there seems to be no patch If you are using TBK DVR-4104, DVR-4216, or any digital video recording device that uses these instances as its basis, you might want to keep an eye on your hardware because its being actively hunted. Cybersecurity researchers at Kaspersky claim to have seen a year-old vulnerability in these devices being abused to expand the dreaded Mirai botnet. In April 2024, security researchers found a command injection flaw in the devices listed above. As per the NVD , the flaw is tracked as CVE-2024-3721, and was given a severity score of 6.3/10 (medium). It can be triggered remotely and grants the attackers full control over the vulnerable endpoint. Soon after discovery, the flaw also got a Proof-of-Concept (PoC) exploit. Victims around the world Now, a year later, Kaspersky says it saw this same PoC being used to expand the Mirai botnet. The attackers are using the bug to drop an ARM32 malware which assimilates the device and grants the owners the ability to run distributed denial of service (DDoS) attacks, proxy malicious traffic, and more. The majority of victims Kaspersky is seeing are located in China, India, Egypt, Ukraine, Russia, Turkey, and Brazil. However as a Russian company, Kasperskys products are banned in many Western countries, so its analysis could be somewhat skewed. The number of potentially vulnerable devices was more than 110,000 in 2024, and has since dropped to around 50,000. While most definitely an improvement, it still means that the attack surface is rather large. Usually, when a vulnerability like this is discovered, a patch soon follows. However, multiple media sources are claiming that it is unclear if makers TBK Vision patched the bug. CyberInsider reports that multiple third-party brands use these devices as a basis for their models, further complicating patch availability, and stating that its very likely that for most, there is no patch. Some of the brands are Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, and others. Via BleepingComputer You might also like TVT DVRs become prime target for Mirai botnet Take a look at our guide to the best authenticator app We've rounded up the best password managers ====================================================================== Link to news story: https://www.techradar.com/pro/security/watch-out-your-dvr-box-could-be-targete d-by-one-of-the-nastiest-botnets-around --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .