image credit: Adobe Stock

New SOHO Router Botnet AVrecon Spreads to 70,000 Devices Across 20 Countries

July 14, 2023

A new malware strain has been found covertly targeting small office/home office (SOHO) routers for more than two years, infiltrating over 70,000 devices and creating a botnet with 40,000 nodes spanning 20 countries.

Lumen Black Lotus Labs has dubbed the malware AVrecon, making it the third such strain to focus on SOHO routers after ZuoRAT and HiatusRAT over the past year.

“This makes AVrecon one of the largest SOHO router-targeting botnets ever seen,” the company said. “The purpose of the campaign appears to be the creation of a covert network to quietly enable a range of criminal activities from password spraying to digital advertising fraud.”

Read More on The Hacker News