Businesses should patch their TP-Link routers as soon as possible after the legendary IoT botnet became a target for adoption.
The infamous Mirai botnet, which has hijacked control of vulnerable IoT devices, is now exploiting TP-Link Archer AX21 routers to launch distributed denial of service (DDoS) attacks.
the warning comes from security researcher and the U.S. Government Cybersecurity and Infrastructure Security Agency (CISA)after it was confirmed that a security flaw in the TP-Link Archer AX21 Wi-Fi router was being actively exploited to allow malicious hackers to execute malicious code remotely.
The high-severity security vulnerability was first disclosed by bug hunters at the Pwn2Own hacking contest in Toronto in December 2022, winning a US$5,000 prize.
This revelation prompted TP-Link to issue a firmware update (which did not properly fix the issue) two months later, after which another update (Vulnerability Resolved) March 2023.
Unfortunately, it appears that malicious hackers wasted no time in incorporating an exploit for this flaw (dubbed CVE-2023-1389) entered Mirai’s arsenal, so the current attacks that have been going on since last month.
The only recommended action to prevent exploitation of vulnerable TP-Link routers is to update them with the latest firmware updates that close security holes.
The Mirai botnet first gained widespread global attention in October 2016. launched a massive DDoS attack DNS service company Dyn has blocked many users from accessing popular sites like Amazon, Reddit, Netflix, Twitter, Soundcloud, Spotify, Etsy and Github.
Three men have since been convicted of running the Mirai botnet.
Editor’s note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire.