- Vulnerability in Mitel phones is again mistreated
- Pirates use the bug to deploy a variant of mirai and perform DDOS attacks
- The variant is called Aquabot and is delivered with some unique features
Akamai security researchers have caught a new variant of the infamous Botnet Mirai targeting commercial telephone devices built by Mitel.
Mitel provides corporate communication solutions, including VOIP, unified communications and contact center services, but according to Akamai, aircraft – namely Mitel 6800, 6900 and 6900W SIP Desk telephones, with the unit of conference 6970, operating on firmware R6 .4.0.HF1 (r6.4.0.136)-are vulnerable to a lack of control injection followed like CVE-2024-41710.
It is a medium-severity bug (6.8 / 10) which allows an attacker to execute arbitrary orders in the context of the system.
Report of counterattacks
A threat player took advantage of this defect to deploy Aquabotv3, a new variant of Mirai, undoubtedly the most destructive botnet. Aquabot allows its operators to carry out distributed service attacks (DDOS).
This version is also delivered with a unique and rare feature which most likely serves to help actors follow the health of the botnet. When a victim identifies the malware on his device and tries to remove it, Aquabot will react and send information on the attempt to return to his order and control server (C2).
The best way to defend yourself against Aquabot and other Mirai variants is to keep up to date. Mitel corrected this particular vulnerability in July 2024, so if you use these phones in your organization, be sure to apply the patch to mitigate the risks.
Mirai and its variants continue to wreak havoc in cyberspace. In the past 30 days only, there have been several reports from different Mirai variants identified in the wild. For example, juniper researchers recently warned against a Mirai variant at the end of December 2024 and, in early January 2025, Chinese researchers discovered a variant of mirai with an offensive name targeting industrial routers.
Via The register
