Unseen Exploit Turns Everyday D‑Link Gateways Into Botnet Powerhouses
A fresh wave of Mirai‑style malware is weaponising CVE‑2025‑29635, a remote code execution flaw in the legacy D‑Link DIR‑823X router. Reuters‑cited security researchers observed a surge of more than 12,000 newly compromised devices within a single week, eclipsing the infection rates of earlier Mirai variants. The rapid expansion threatens to amplify DDoS capabilities and underscores the urgency of patching outdated home networking gear.
Key Takeaways
- Vulnerability in focus: CVE‑2025‑29635 enables unauthorised remote code execution on D‑Link DIR‑823X routers.
- Infection velocity: Over 12,000 additional devices have been co‑opted into the botnet in the past seven days.
- Comparative escalation: The current strain outpaces previous Mirai‑derived malware in both speed and scale.
- Impact scope: Compromised home gateways can be marshalled for large‑scale DDoS attacks, amplifying threats to critical internet infrastructure.
- Mitigation advice: Immediate firmware updates, disabling remote management, and replacing obsolete routers are essential defenses.