Mirai
Coverage of Mirai in the Nexus archive.
- NetNut botnet takes a hit. Don’t be part of the next one.
Google, the FBI, and partners disrupted the NetNut botnet, which used hijacked consumer devices as residential proxies. The operation reduced the botnet's device pool by millions through account disabling, infrastructure sharing, and app warnings. NetNut tricked users into installing malicious apps under the guise of 'bandwidth sharing' payouts.
- Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
Cybersecurity researchers discovered a new Mirai-derived botnet called xlabs_v1 that targets internet-exposed devices running Android Debug Bridge to carry out DDoS attacks. The botnet was discovered by Hunt.io after identifying an exposed directory on a Netherlands-hosted server. This new threat exploits ADB to hijack IoT devices for malicious activities.
- New Mirai campaign exploits RCE flaw in EoL D-Link routers
A new Mirai-based malware campaign is exploiting a high-severity command-injection vulnerability (CVE-2025-29635) in D-Link DIR-823X routers to add devices to a botnet. The routers are end-of-life (EoL), making them a target for attackers.