The vulnerability became known a little over a week ago. From then on, it took just three days for the attacks to start. Behind the DDoS bombardment is supposed to be a group that has been known for a long time and that uses a botnet based on the Mirai Trojan, which has also been known for a long time. The infrastructure had previously exploited a similar bug in millions of routers that work with the Arcadyan firmware, reports The Record.
In the present case, the attackers exploited a vulnerability that came into the firmware of various routers with the SDK of the Realtek chipset. The components are installed in devices from 65 manufacturers. This means that an enormous range of devices has a security hole.
It is difficult to take measures against the attacks that are already in progress. On the one hand, numerous manufacturers have to incorporate a patch from Realtek into their firmware and publish appropriate updates. And then of course the users have to be persuaded to install the updates. Usually, inexperienced users care little about the small boxes that are somewhere in the house and distribute Internet access. However, it is possible that the DDoS attacks ultimately lead to a certain level of suffering and increase the willingness to update.
According to the discoverers of the vulnerability, around 200 different router models are affected. Above all, DDoS attacks are likely to disrupt their ability to provide the usual Internet connections. The motivation for the perpetrators to carry out their attacks is unclear.
Web Desk is the news author at Research Snipers which mainly covers Technology News, Microsoft News, Google News, Facebook, Apple, Huawei, Xiaomi, and other tech news and served by Research Snipers Staff and editors.