Almost decade-old vulnerabilities in D-Link devices' Home Network Administration Protocol interface have been exploited to distribute the Mirai-based botnet FICORA and Kaiten-based botnet CAPSAICIN between October and November, SiliconAngle reports.
Numerous Linux architectures could be compromised with the FICORA botnet, which features brute-force and distributed denial-of-service attack capabilities while concealing malicious activity through ChaCha20 encryption, an analysis from Fortinet's FortiGuard Labs researchers showed.
On the other hand, CAPSAICIN — which was particularly active at the end of October — leveraged hardcoded credentials to ensure system control while ending the processes of other botnets on targeted devices, according to FortiGuard Labs researchers.
Such findings emphasize the security risks associated with end-of-life network hardware, which could be exploited by threat actors to enable at-scale malware compromise and other cyberattacks.
"It is crucial for every enterprise to regularly update the kernel of their devices and maintain comprehensive monitoring," said researchers.
