Botnets like Moobot, Miori, and the Golang-Based Agent Attacking CVE-2023-1389
These malware strains leverage vulnerabilities to infiltrate systems, propagate spammy code, and take full control of compromised devices. The Moobot and Miori botnets are notorious for their ability to orchestrate large-scale distributed denial-of-service (DDoS) attacks, hijack computing resources for cryptocurrency mining, and carry out other malicious activities. Similarly, the Golang-based agent targeting CVE-2023-1389 exploits a specific vulnerability to compromise systems and execute unauthorized commands, which threatens data integrity and system security. It is crucial for organizations, smaller ones included, to stay vigilant, promptly patch vulnerabilities, and deploy robust security measures to mitigate the risks posed by these malicious botnets.
Comments
Anyone who buys TP-Link Archers deserves to get hacked anyway. It's a zero-effort product and they don't even update the firmware for the current product lineups. You can go to a store and buy a brand new router, and if you hook it to the internet for 5 mins, it's compromised, because there are no updates installed in the factory and you need internet access to download and apply it.
It takes 17 minutes to scan the IPv4 internet with zmap using a shared 10G port. Now imagine multiple botnet owners doing these constant scans, it won't even take 5 minutes for one to reach it if it's on the factory patch.
All home routers should be placed in the same mental bucket of any other "smart" piece of crap. Rely on them, get hurt.
When HTTPS was still uncommon I had a home router that, 2 minutes after being plugged in, would begin to spoof DNS requests with phishing web sites. Each factory reset would restore it for another 2 minutes.
Maybe it would have been worth actually mentioning the affected component in the title instead of forcing everyone to search for the CVE...
Having said that, I wonder if I'm the only one who feels that this should really be a non-issue as the management interface wouldn't be reachable from the open internet anyways? I mean, it isn't, right? ... Right??
The only secure way to update those routers is to put them behind another router, so they get a LAN address instead of a public dynamic one from the ISP, then select AP mode and update the firmware.
So double NAT them?
What router do you suggest putting in front of the shitty one? Another shitty one, or just have one not shitty one?
Just briefly, yeah. When it's updated, then it's naturally usable.
The shitty router in front of the other shitty router will get popped instead. What is the point?
It won't be shitty after it's updated, so you can put it in front.
Chicken or egg