Is Your IoT Device at Risk of Joining the Murdoc Botnet Network?

In a world where connected devices are becoming more prevalent, the cybersecurity landscape is constantly evolving to keep up with new threats. One such emerging threat is the Murdoc Botnet, a variant of the notorious Mirai malware, which has been actively exploiting vulnerabilities in AVTECH IP cameras and Huawei HG532 routers since at least July 2024. The Murdoc Botnet has already managed to infect over 1,370 systems, primarily across Malaysia, Mexico, Thailand, Indonesia, and Vietnam. By leveraging well-known vulnerabilities such as CVE-2017-17215 and CVE-2024-7029, this botnet gains initial access and proceeds to compromise a wide array of devices.

The Mechanics of the Murdoc Botnet

The Murdoc Botnet employs a sophisticated shell script to download and execute malware suited to the device’s specific CPU architecture, thereby maximizing its potential for disruption. This malicious software enables the botnet to perform distributed denial-of-service (DDoS) attacks, which overwhelm targeted systems with massive amounts of traffic, rendering them unusable. According to Censys, an exposure management platform, over 37,995 AVTECH cameras are currently exposed to this threat, primarily in Taiwan, Vietnam, Indonesia, the United States, and Sri Lanka.

Interestingly, the Murdoc Botnet’s development followed the emergence of another Mirai variant known as gayfemboy. This earlier variant exploited a security flaw in Four-Faith industrial routers back in November 2024. Mirai and BASHLITE derivatives have been responsible for large-scale DDoS attacks affecting sectors like telecommunications, technology, cloud computing, banking, gaming, and financial services. Regions such as India, South Africa, Brazil, Bangladesh, and Kenya have been notably impacted. These attacks have had far-reaching consequences, affecting both individual users and large-scale enterprises.

Mitigating the Threat

As the world becomes more connected, the importance of securing such devices cannot be overstated. Automated systems like the Murdoc Botnet highlight the urgent need for robust cybersecurity measures and continuous updates to device firmware to mitigate risks. Staying ahead of such threats requires vigilance, innovation, and collaboration among cybersecurity professionals, manufacturers, and users.

Explore more

Can the Extremely Lean Chain Scale Ethereum to Millions?

As the global demand for decentralized settlement layers continues to surge, the architectural limitations of traditional blockchain storage models have forced a radical reimagining of how network participants verify data. In 2026, the Ethereum ecosystem is shifting toward a more sustainable path through the “Lean Ethereum” roadmap, a series of strategic updates designed to simplify the protocol while massively increasing

Why Third-Party Launchers Outshine the Windows 11 Start Menu

The traditional desktop paradigm is currently facing a silent revolution as users realize that the standard Start menu no longer serves as a bridge to productivity but rather as a billboard for integrated services. This shift in sentiment is not merely a matter of aesthetic preference but a direct response to the increasing friction between human intent and machine execution

Investors Look Beyond UiPath for Agentic Automation Growth

The global investment community has begun to move past the initial phase of artificial intelligence speculation to focus on the tangible returns generated by autonomous digital agents. While enterprise giants have long dominated the conversation regarding robotic process automation, the current market climate favors specialized firms capable of delivering agentic systems that require minimal human oversight. This shift is driven

How Will Qatar’s 2026 Labor Law Reshape the Workforce?

The enactment of Law No. (9) of 2026 represents a decisive pivot in Qatar’s economic strategy, fundamentally altering how the nation manages its most valuable asset: its human capital. By replacing the foundational labor framework that had been in place since 2004, the government has signaled its intent to cultivate a more versatile, competitive, and transparent market. This comprehensive overhaul

Why Is the UK Public Sector So Vulnerable to FortiBleed?

The digital infrastructure of the United Kingdom is currently enduring a sophisticated and relentless siege that has exposed deep-seated structural weaknesses within its most critical public institutions. This campaign, colloquially known as FortiBleed, has systematically targeted high-profile entities such as the National Health Service and the Foreign Office by exploiting mundane security oversights rather than relying on groundbreaking zero-day vulnerabilities.