Hackers Exploit Vulnerability in Cambium Networks Routers
/ 1 min read
🌐💥 Hackers exploit zero-day vulnerability in Cambium Networks routers for DDoS attacks. Threat actors are leveraging an undisclosed zero-day flaw in Cambium Networks cnPilot routers to deploy the AIRASHI variant of the AISURU botnet, conducting distributed denial-of-service (DDoS) attacks since June 2024. The botnet exploits multiple known vulnerabilities and has demonstrated a stable attack capacity of 1-3 Tbps, primarily affecting devices in Brazil, Russia, Vietnam, and Indonesia, while targeting countries like China and the U.S. The AIRASHI botnet has evolved to include proxy functionality, indicating a shift in its operational capabilities. Additionally, a separate backdoor named alphatronBot has been identified, targeting Chinese entities and utilizing a decentralized peer-to-peer network for command execution.
