Aquabotv3: The Botnet That Rings Your Mitel Phones and Your Alarms

Another Mirai botnet variant, Aquabotv3, is causing a stir by exploiting Mitel SIP phone flaws to offer DDoS as-a-service. Akamai’s researchers discovered this variant, which even signals its C2 when caught. With IoT devices as easy targets, Mirai’s notorious legacy continues, much like a bad sequel nobody asked for.

Hot Take:

Just when you thought it was safe to pick up your office phone, the Mirai botnet is back with a new twist, turning Mitel SIP phones into unwilling DDoS maestros. It’s like “The Ring” for telecommunication devices—answer at your own risk!

Key Points:

  • A new Mirai botnet variant, Aquabotv3, exploits a vulnerability in Mitel SIP phones for DDoS attacks.
  • This variant offers DDoS as-a-service, advertised through Telegram under various names.
  • Exploitation relies on a command-injection vulnerability, CVE-2024-41710, identified in Mitel models.
  • Mirai botnet’s persistence in IoT device exploitation remains a significant cybersecurity concern.
  • Organizations are advised to secure IoT devices by updating credentials and monitoring rogue devices.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here