What's Happening?
A Mirai botnet is actively targeting discontinued D-Link routers that are vulnerable due to a command injection flaw, according to a report by Akamai. The vulnerability, identified as CVE-2025-29635, allows attackers to exploit the routers through crafted
POST requests. This security defect arises from an attacker-controllable function value being copied without validation, leading to potential command execution. The affected routers, specifically the D-Link DIR-823X series, were discontinued last year and no longer receive software updates. Despite D-Link's recommendation to retire these devices, they remain in use, making them susceptible to attacks. The exploitation attempts mirror a proof-of-concept exploit that was publicly disclosed last year. The botnet's payload exhibits typical Mirai characteristics, such as XOR encoding and hardcoded execution strings.
Why It's Important?
The targeting of discontinued routers by the Mirai botnet highlights significant cybersecurity risks for users who continue to operate outdated hardware. These devices, lacking security updates, present an easy target for cybercriminals, potentially compromising connected networks and devices. The incident underscores the importance of maintaining up-to-date hardware and software to protect against evolving threats. For businesses and individuals, the financial and operational impacts of such vulnerabilities can be severe, including data breaches and service disruptions. The continued use of Mirai's source code by various threat actors indicates a persistent threat landscape, emphasizing the need for robust cybersecurity measures.
What's Next?
Users of the affected D-Link routers are advised to discontinue their use and replace them with more secure, updated models. Cybersecurity firms and researchers will likely continue monitoring the situation to identify and mitigate further threats. The incident may prompt manufacturers to enhance their end-of-life policies and support for discontinued products. Additionally, there may be increased advocacy for consumer awareness regarding the risks of using outdated technology.
