Cyber Threat Alert: 13,000 MikroTik Routers Compromised in Global Attack Campaign

A recent cybersecurity investigation has revealed a widespread botnet operation that has hijacked approximately 13,000 MikroTik routers worldwide. Cybercriminals leveraged these compromised devices to launch large-scale malspam campaigns and cyberattacks, exploiting misconfigured security settings and outdated firmware.

The attackers targeted MikroTik routers by exploiting known vulnerabilities, including the critical CVE-2023-30799, which allows privilege escalation and remote code execution. Once compromised, the routers were configured as SOCKS proxies, enabling attackers to conceal their malicious activities, such as:

A significant aspect of the attack was the exploitation of misconfigured Sender Policy Framework…