Central to the operation is the Mirai botnet, which compromises IoT devices.
More than 35 million devices have been compromised as part of a DDoS attack.
According to Aqua Security Nautilus threat research team, threat actor Matrix has compromised devices, mostly in China and Japan, and exploited known Apache HugeGraph and Arcadyan firmware flaws and the SSH and Telnet administrative protocols.
Matrix targets the devices using botnets ranging in size between 350,000 and 1.7 million compromised systems, reports SiliconAngle
Central to the operation is the Mirai botnet, which compromises IoT devices through weak or default credentials, integrating them into a network capable of global disruption.
"Matrix's campaign highlights how basic security lapses can lead to widespread vulnerabilities. Addressing these gaps, such as misconfigured devices and unpatched systems, is essential to reducing exposure to such large-scale threats," said researchers, who urged organizations to restrict admin IoT and enterprise system interface access and implement network monitoring tools, among others, to prevent potential attacks.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
