Decrypt LOL


13,000 MikroTik Routers Compromised in Malware Campaign


🕷️ A botnet of 13,000 hijacked MikroTik routers is spreading malware through spam campaigns. Security researchers have identified a global network of compromised MikroTik routers being used to send malicious emails that appear to originate from legitimate domains. This campaign, dubbed Mikro Typo, exploits misconfigured DNS records and the permissive settings of Sender Policy Framework (SPF) TXT records across 20,000 domains, allowing attackers to bypass email security measures. The malware, delivered via ZIP files, initiates connections to a command-and-control server, while the use of SOCKS proxies complicates detection efforts. Experts urge MikroTik device owners to update their firmware and change default credentials to mitigate risks associated with this widespread botnet.
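Domain owners can check their own SPF TXT records for the kind of permissive setting described above. The following is an added example, not code from the original report: the domains and records are constructed, and treating a pass-qualified `all` or a `/0` range as the permissive case is an assumption, since the article does not quote the records involved.

```python
import re

# SPF qualifiers (RFC 7208): "+" pass (the default), "-" fail, "~" softfail, "?" neutral.
VERDICT = {"+": "permissive", "?": "weak", "~": "softfail", "-": "strict"}

def classify_spf(txt):
    """Classify one TXT record by the first term that matches every sender."""
    terms = txt.strip().split()
    if not terms or terms[0].lower() != "v=spf1":
        return ("not-spf", "record does not start with v=spf1")
    redirect = None
    for term in terms[1:]:           # mechanisms are evaluated left to right
        low = term.lower()
        if low.startswith("redirect="):
            redirect = low.split("=", 1)[1]   # only used if no mechanism matches
            continue
        if re.fullmatch(r"\+?ip4:[0-9.]+/0", low):
            return ("permissive", "ip4 range with /0 prefix passes every IPv4 sender")
        m = re.fullmatch(r"([+\-~?]?)all", low)
        if m:
            q = m.group(1) or "+"    # a bare "all" means "+all"
            return (VERDICT[q], "terminal mechanism " + q + "all")
    if redirect:
        return ("redirect", "policy delegated to " + redirect)
    return ("weak", "no all mechanism, so unmatched senders get a neutral result")

def audit(records):
    """Return only the domains whose policy lets any host pass or go unjudged."""
    flagged = {}
    for domain, txt in records.items():
        verdict, detail = classify_spf(txt)
        if verdict in ("permissive", "weak"):
            flagged[domain] = (verdict, detail)
    return flagged

# Constructed sample records (example domains, not taken from the campaign).
SAMPLE = {
    "strict.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "open.example": "v=spf1 include:_spf.mail.example +all",
    "bare.example": "v=spf1 mx all",
    "neutral.example": "v=spf1 a ?all",
    "wide.example": "v=spf1 ip4:0.0.0.0/0 -all",
    "soft.example": "v=spf1 mx ~all",
    "deleg.example": "v=spf1 redirect=_spf.example.net",
    "none.example": "v=spf1 mx",
}

if __name__ == "__main__":
    for domain, (verdict, detail) in sorted(audit(SAMPLE).items()):
        print(f"{domain}: {verdict} ({detail})")
```

Records classified as `redirect` delegate the decision to another domain, so the target record has to be checked the same way.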
