Apr 183 min read
Nexcorium Mirai Variant Exploits TBK DVR Vulnerability to Build DDoS Botnet
Key Findings Fortinet's FortiGuard Labs discovered Nexcorium, a new Mirai variant targeting DVR devices globally to build a DDoS botnet Attackers exploit CVE-2024-3721, a command injection vulnerability in TBK DVR-4104 and DVR-4216 models, to gain remote access The malware displays a "NexusCorp has taken control" message, attributed to the Nexus Team based on code signatures Nexcorium supports multiple processor architectures and uses extensive persistence methods to survive
