Home > Security > Security News

New Mirai Botnet Variant Exploits RCE Flaw CVE-2024-3721 in TBK DVR Devices

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity & Streaming Writer

A new variant of the infamous Mirai botnet is targeting DVR devices using the recently disclosed vulnerability CVE-2024-3721. The variant exploits a critical flaw in TBK DVR systems, enabling remote code execution (RCE) through embedded Linux commands within GET or POST requests.  

The attack leverages a simple shell command embedded in HTTP requests to execute ARM32 binaries on vulnerable devices, according to a report by Kaspersky researchers.

Telemetry indicates that the majority of infections have been detected in countries such as China, India, and Egypt. Over 50,000 exposed DVR devices have been identified, presenting a significant attack surface for cybercriminals.   

Process check
Process check | Source: Kaspersky

Unlike typical botnet infections, this Mirai variant bypasses the architecture detection stage, as DVR systems primarily support ARM32. This targeted approach streamlines the infection process, making it faster and more efficient.

The key features of the Mirai variant are RC4 data encryption, anti-VM techniques, and anti-emulation verification.

The malware employs RC4 encryption to obscure command strings, enhancing its ability to evade detection. The encrypted data is then stored in a custom global structure for retrieval during operations.  

This variant detects if it is running in a virtualized environment by scanning processes for indicators of VMware or QEMU, further complicating analysis by security experts.  

The malware verifies if it is operating within expected directories, introducing additional barriers to reverse engineering.  

The latest reported attack was a near-record distributed denial-of-service (DDoS) attack that struck KrebsOnSecurity last month.

Add a Comment
Related
google
Google Wins Dismissal in Textbook Piracy Lawsuit Backed by Prominent Publishers
Man holding an envelope targeted by a fishing hook, depicting phishing attack
DarkGaboon Targets Russian Companies with Advanced Tactics, Deploys LockBit Ransomware
DOJ Seizes Over $7.74 Million in North Korean Crypto Laundering Crackdown
Newly Identified PathWiper Malware Targets Ukrainian Critical Infrastructure
Qilin Ransomware Gang Claims Breach at US Regents Capital Corporation
BladedFeline Campaign Unveiled Targeting Kurdish and Iraqi Government Officials
Most Popular
google
Google Wins Dismissal in Textbook Piracy Lawsuit Backed by Prominent Publishers
Man holding an envelope targeted by a fishing hook, depicting phishing attack
DarkGaboon Targets Russian Companies with Advanced Tactics, Deploys LockBit Ransomware
Tyler Perry's Straw Movie
Straw Movie Ending Explained: What is the Heartbreaking Truth Behind it all?
The Survivors
The Survivors Ending Explained: Gabby's fate, Bronte's Reveal, and Evelyn Bay’s Long-Buried Secrets
Image sows Switzerland which is currently having debates as "Infomaniak Criticizes Proton Over Swiss Surveillance Law Debate"
Infomaniak Criticizes Proton Over Swiss Surveillance Law Debate
DOJ Seizes Over $7.74 Million in North Korean Crypto Laundering Crackdown
Google Wins Dismissal in Textbook Piracy Lawsuit Backed by Prominent Publishers
DarkGaboon Targets Russian Companies with Advanced Tactics, Deploys LockBit Ransomware
Straw Movie Ending Explained: What is the Heartbreaking Truth Behind it all?
The Survivors Ending Explained: Gabby's fate, Bronte's Reveal, and Evelyn Bay’s Long-Buried Secrets
Infomaniak Criticizes Proton Over Swiss Surveillance Law Debate
DOJ Seizes Over $7.74 Million in North Korean Crypto Laundering Crackdown

Most Popular
google
Google Wins Dismissal in Textbook Piracy Lawsuit Backed by Prominent Publishers
Man holding an envelope targeted by a fishing hook, depicting phishing attack
DarkGaboon Targets Russian Companies with Advanced Tactics, Deploys LockBit Ransomware
Tyler Perry's Straw Movie
Straw Movie Ending Explained: What is the Heartbreaking Truth Behind it all?
The Survivors
The Survivors Ending Explained: Gabby's fate, Bronte's Reveal, and Evelyn Bay’s Long-Buried Secrets
Image sows Switzerland which is currently having debates as "Infomaniak Criticizes Proton Over Swiss Surveillance Law Debate"
Infomaniak Criticizes Proton Over Swiss Surveillance Law Debate
DOJ Seizes Over $7.74 Million in North Korean Crypto Laundering Crackdown
Google Wins Dismissal in Textbook Piracy Lawsuit Backed by Prominent Publishers
DarkGaboon Targets Russian Companies with Advanced Tactics, Deploys LockBit Ransomware
Straw Movie Ending Explained: What is the Heartbreaking Truth Behind it all?
The Survivors Ending Explained: Gabby's fate, Bronte's Reveal, and Evelyn Bay’s Long-Buried Secrets
Infomaniak Criticizes Proton Over Swiss Surveillance Law Debate
DOJ Seizes Over $7.74 Million in North Korean Crypto Laundering Crackdown

TechNadu keeps you informed with the latest in cybersecurity, VPNs, streaming, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2025 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: