Attackers Started Exploiting a Router Vulnerability Just 2 Days After Its Disclosure | WHAT REALLY HAPPENED

Attackers Started Exploiting a Router Vulnerability Just 2 Days After Its Disclosure

Juniper Threat Labs found evidence that a vulnerability that "potentially affects millions of home routers" was being actively exploited by hackers just two days after it was revealed to the public.

On Aug. 3, Tenable researcher Evan Grant publicly disclosed the vulnerability in question, which has been assigned the identifier CVE-2021-20090, alongside several other security flaws. Juniper said it "identified some attack patterns that attempt to exploit this vulnerability in the wild coming from an IP address located in Wuhan, Hubei province, China" starting on Aug. 5.

The attacker was reportedly attempting to deploy a variant of the Mirai botnet that's powered numerous high-profile distributed-denial of service (DDoS) attacks since July 2016. This doesn't appear to be the first time the attacker exploited a publicly disclosed vulnerability in their efforts to deploy this botnet—Juniper said it started tracking similar activity on Feb. 18.

Comments

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA