Vulnerable Video DVR Devices Now Targeted by the FreakOut Botnet

botnet (aka Necro, N3Cr0m0rPh) creators have updated the malware and added a PoC for Visual Tools DVR, an electronic video recorder utilized in video systems, capable of supporting up to 16 cameras and transmitting live video to two monitors.

FreakOut malware is an obfuscated Python script designed to evade detection using a polymorphic engine and a user-mode rootkit that hides malicious files dropped on compromised systems.

Juniper Threat Labs

According to them, successful exploitation will download the bot into the system and install an XMRig Monero miner. Besides this function, the botnet also supports:

Network Sniffer Spreading by exploits Gaining access via brute-force Using Domain Generation Algorithm Installing a Windows rootkit Receiving and executing bot commands Participating in DDoS attacks Infecting HTML, JS, PHP files Installing Monero Miner -mining campaigns

Source

The POC exploit code for this new , which is an unauthenticated command injection, is publicly available since July 2021. Experts at Juniper Threat Labs see FreakOut botnet exploiting the written below:

Read More: https://heimdalsecurity.com/blog/vulnerable-video-dvr-devices-now-targeted-by-the-freakout-botnet/