CyberNews Briefs

FreakOut Botnet Turns DVRs Into Monero Cryptominers

According to Juniper Threat Labs, the new Necro Python exploits targets’ Visual Tool DVRs used in surveillance systems. The Necro botnet was developed by the threat group FreakOut and has reportedly learned a new trick that consists of infecting the Visual Tool DVRs with a Monero crypto miner. In late September, Juniper Threat Labs noticed that the botnets started to target Visual Tools DVR VX16 4.2.28.0 models with crypto-mining attacks. These devices are typically deployed as part of a professional-quality surveillance system.

Last July, a command injection vulnerability was found in the same devices. Visual Tools has not responded to requests for comments. FreakOut has been active since at least last January, exploiting recently identified and unpatched vulnerabilities to launch distributed denial-of-service and crypto-mining attacks. The threat actors behind the botnet have developed several iterations of Necro, continuing to make steady improvements in performance and persistence over the past several months.

Read More: FreakOut Botnet Turns DVRs Into Monero Cryptominers

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.