Botnet targets hundreds of thousands of devices using Realtek SDK

  • 28th Aug 2021
  • Onecover

Researchers from SAM Seamless Network have identified that within 48 hours of disclosure, the vulnerabilities in Realtek devices were being exploited in the wild. These serious security flaws exist in Software Development Kits (SDK) of devices. One of the critical security flaws tracked as CVE-2021-35395 impacts smart lightning gateways, IP cameras, travel routers, Wi-Fi repeaters, and smart toys. The bug impacts the management web interface of the devices giving attacks remotely access to scan and run an arbitrary code on flawed devices. The most common network devices using faulty Realtek SDK targeted by Mirai-based botnets are found to be Edimax N150, Netis E1+ extender, N300 Wi-Fi routers, and Repotec RP-WR5444 router. 

Recent developments show how quickly and actively cybercriminals attempt to cash in on any opportunity that arises. Moreover, such vulnerabilities are easy to abuse and can be embedded inside malware code. Therefore, vulnerable device users are recommended to apply patches as soon as possible.