Central to the operation is the Mirai botnet, which compromises IoT devices.
More than 35 million devices have been compromised as part of a DDoS attack.
According to Aqua Security Nautilus threat research team, threat actor Matrix has compromised devices, mostly in China and Japan, and exploited known Apache HugeGraph and Arcadyan firmware flaws and the SSH and Telnet administrative protocols.
Matrix targets the devices using botnets ranging in size between 350,000 and 1.7 million compromised systems, reports SiliconAngle
Central to the operation is the Mirai botnet, which compromises IoT devices through weak or default credentials, integrating them into a network capable of global disruption.
"Matrix's campaign highlights how basic security lapses can lead to widespread vulnerabilities. Addressing these gaps, such as misconfigured devices and unpatched systems, is essential to reducing exposure to such large-scale threats," said researchers, who urged organizations to restrict admin IoT and enterprise system interface access and implement network monitoring tools, among others, to prevent potential attacks.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
