Security researchers have discovered a vulnerability in Mitel phones that attackers are exploiting to launch DDoS attacks using a new variant of the Mirai botnet known as Aquabotv3. The vulnerability, tracked as CVE-2024-41710, allows attackers to execute arbitrary commands on affected devices in the Mitel 6800, 6900, and 6900w series of SIP desk phones, along with the 6970 Conference Unit. Threat actors are using the flaw to deploy Aquabotv3, which conducts DDoS attacks and lets its operators monitor the health of the botnet: the malware sends information back to its command-and-control server when removal attempts are made.
Mitel has released a patch for this vulnerability, and keeping endpoints updated remains important for defending against Aquabot and other Mirai variants. Even with the patch available, Mirai and its iterations continue to pose significant threats, with recent reports highlighting various Mirai variants in the wild, including an offensively named variant targeting industrial routers in China. Organizations using Mitel phones should apply the security patch promptly to mitigate potential risks.