Sunday, October 6, 2024
HomeCyber AttackD-Link RCE Vulnerability Exploited in Wild, Impacts 92,000 Devices

D-Link RCE Vulnerability Exploited in Wild, Impacts 92,000 Devices

Published on

Cybercriminals have actively exploited a critical vulnerability in D-Link Network Attached Storage (NAS) devices globally.

Identified as CVE-2024-3273, this remote code execution (RCE) flaw poses a significant threat to as many as 92,000 devices worldwide.

The exploit allows attackers to execute arbitrary code on vulnerable devices, potentially leading to data theft, device hijacking, and the spread of malware.

- Advertisement - EHA

The Discovery and Impact

A generic shell script pattern that botnet operators frequently use is involved in the exploit. This script attempts to execute malware across every possible CPU architecture, hoping that at least one attempt will succeed.

The malware, identified as “skid.x86,” is fetched from a remote server and has been analyzed and shared for further scrutiny on VirusTotal, a popular platform for malware analysis.

In response to the discovery, GreyNoise quickly released a tag for tracking attempts to exploit the CVE-2024-3273 vulnerability.

Document
Stop Advanced Phishing Attack With AI

AI-Powered Protection for Business Email Security

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by other email security solutions. .

D-Link, the manufacturer of the affected NAS devices, has issued a support announcement regarding the vulnerability.

The company is actively working on addressing the issue and has urged users of the affected devices to stay informed about updates and patches.

D-Link’s commitment to resolving the vulnerability is a critical step in mitigating the exploit’s impact and safeguarding users’ data and devices.

Free Webinarfor DIFR/SOC Teams: Securing the Top 3 SME Cyber Attack Vectors - Register Here.

The Broader Implications

The exploitation of CVE-2024-3273 highlights the constant threat that cybercriminals pose and the significance of effective cybersecurity measures.

It highlights the need for continuous monitoring, timely updates, and the adoption of best practices in cybersecurity.

For users of D-Link NAS devices, it is imperative to follow the company’s guidance and apply any available patches to protect against potential attacks.

The vulnerability was first brought to light by GreyNoise, a cybersecurity firm renowned for its expertise in internet-wide scans and attack analysis.

The active exploitation of the CVE-2024-3273 vulnerability in D-Link NAS devices is a stark reminder of the vulnerabilities within our digital infrastructure.

GreyNoise and D-Link’s swift response exemplifies the importance of vigilance and collaboration in the fight against cyber threats.

As the situation evolves, staying informed and taking proactive measures will be key to ensuring the security of our devices and data.

In a world where cyber threats are constantly evolving, the discovery and mitigation of vulnerabilities like CVE-2024-3273 play a crucial role in maintaining the integrity and security of our digital ecosystem.

Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

A new ransomware campaign targeting individuals and organizations in the UK and the US...

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of...

Cloud Penetration Testing Checklist – 2024

Cloud Penetration Testing is a method of actively checking and examining the Cloud system...

Linux Malware perfctl Attacking Millions of Linux Servers

Researchers have uncovered a sophisticated Linux malware, dubbed "perfctl," actively targeting millions of Linux...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

A new ransomware campaign targeting individuals and organizations in the UK and the US...

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of...

Linux Malware perfctl Attacking Millions of Linux Servers

Researchers have uncovered a sophisticated Linux malware, dubbed "perfctl," actively targeting millions of Linux...