- A vulnerability in Mitel phones is being abused once again
- Computer pirates are using the error to display a variant of Mirai and execute ddos attacks
- The variant is called here and comes with some unique characteristics
Akamai security researchers have caught a new variant of the infamous Mirai Botnet aimed at commercial telephone devices built by Mitel.
Mitel provides business communication solutions, including VoIP services, unified communications and contact center, but according to Akamai, the devices, namely Mitel 6800, 6900 and 6900W of the SIP Desktop Telephone Series, together with the unit of Conference 6970, which is executed in the R6 .4.0.HF1 (R6.4.0.136) firmware-they are vulnerable to a tracked command injection failure such as CVE-2024-41710.
This is a medium severity error (6.8/10) that allows an attacker to execute arbitrary commands within the context of the system.
Counterattack reports
A threat actor took advantage of this defect to deploy Aquabotv3, a new Mirai variant, possibly the most destructive botnet that exists. Aquabot allows its operators to execute distributed denial attacks (DDOS).
This version also comes with a unique and uncommon feature that probably serves to help threat actors tracked the health of the botnet. When a victim sees the malware on his device and tries to delete it, Aquabot will react and send the information about the attempted return to his command and control server (C2).
The best way to defend against Aquabot and other variants of Mirai is to keep the final points updated. Mitel poured this particular vulnerability in July 2024, so if you are using these phones in your organization, be sure to apply the patch to mitigate any risk.
Mirai and its variants continue to wreak havoc in cyberspace. Only in the last 30 days, there have been multiple news reports from different variants of Mirai in nature. For example, Juniper researchers recently warned about a variant of Mirai at the end of December 2024, already early 2025, Chinese researchers discovered a variant of Mirai with an offensive name aimed at industrial rings.
Through The registration
