Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

‘Broadside’ Mirai variant targets maritime logistics sector

(Monica Volpin / Pixabay)

By Elizabeth Montalbano

Yet another variant of the Mirai botnet is threatening the maritime logistics sector by exploiting a critical flaw in digital recording devices used by companies on seagoing vessels. The attacks allow for remote command injection via the vulnerability, enabling attackers to establish Netlink-based process monitoring for persistence and other malicious activities.

Researchers at Cydome’s Cybersecurity Research Team identified the variant, which they dubbed “Broadside,” about 10 days ago while monitoring marine assets, according to a blog post published today. The attack, which they later discovered has been active for months, is targeting DVR systems via CVE-2024-3721, one of several Internet of Things (IoT) flaws being pummeled by botnets since at least October. 

The flaw allows attackers to use command injection to hijack TBK DVR-4104 and DVR-4216 digital video recording devices, which are widely used in the maritime industry. This sector historically lacks a significant cybersecurity profile and thus is uniquely vulnerable to cyberattacks, as current marine assets are using exposed systems that most likely lack patches for even well-known security flaws, Shamar Dumai, head of marketing at Cydome, tells Dark Reading.

Read more at Dark Reading

Click to listen highlighted text!