Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

SITREP: Threat actors are leveraging the CVE-2024-3721 vulnerability to compromise TBK DVRs and TP-Link Wi-Fi routers, deploying variants of the Mirai botnet. This exploitation has been confirmed by Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. TACTICAL ASSESSMENT: The successful exploitation of these devices indicates a significant risk to network security, as compromised DVRs can be used to launch DDoS attacks. This development highlights the ongoing vulnerabilities in IoT devices and the potential for increased cyber warfare capabilities among threat actors. PROJECTED VECTORS: Future attacks may expand to include additional IoT devices and networks, increasing the scale of DDoS operations.