Novel AndoryuBot DDoS botnet leverages Ruckus RCE bug

Vulnerable Ruckus Wireless Admin panels are being targeted by the new distributed denial-of-service botnet Andoryu through the exploitation of a recently patched critical vulnerability, tracked as CVE-2023-25717, which enables remote code execution to facilitate the inclusion of compromised devices to attackers’ DDoS arsenal, BleepingComputer reports. Malicious HTTP GET requests are being used by Andoryu to infect devices of various system architectures before proceeding with downloading an additional script for infection spread and communicating with the command-and-control server, according to a report from Fortinet.

Read full article on SC Magazine

 


Date:

Categorie(s):

Tag(s):