Aquabotv3 Strikes Mitel Phones: The Botnet Comedy You Can’t Hang Up On
Aquabotv3, a Mirai-based botnet variant, exploits CVE-2024-41710 in Mitel SIP phones, turning them into unwitting accomplices in a digital crime spree. Armed with persistence and a penchant for detecting termination attempts, it’s like the James Bond of malware, leaving no trace while sipping its metaphorical martini—shaken, not stirred.
Hot Take:
The Aquabot saga continues with its third installment, now starring Mitel SIP phones as the unwitting accomplices. Who knew something as innocent as office phones could become part of a botnet blockbuster? It seems like the Mitel phones have joined the IoT’s version of Fight Club, where they’re not just making calls but also calling the shots—literally. Akamai’s Security Intelligence and Response Team plays the role of the unsung hero in this thriller, shining a spotlight on the cyber underworld’s latest plot twist.
Key Points:
- The third variant of Mirai-based Aquabot malware exploits a vulnerability in Mitel SIP phones.
- This variant, dubbed Aquabotv3, uniquely reports back kill attempts to its C2 server.
- The vulnerability, CVE-2024-41710, affects specific Mitel phone models with an existing fix available.
- Aquabotv3 uses a proof-of-concept published on GitHub to exploit the vulnerability.
- The botnet aims to conscript devices for DDoS attacks, boasting its capabilities on Telegram.